From 60b96e0a624fb7a7dfc93d94d13e4ce26596b152 Mon Sep 17 00:00:00 2001 From: Timofei Larkin Date: Thu, 10 Apr 2025 16:58:01 +0300 Subject: [PATCH 01/38] Refactor management etcd monitoring config * Reuse the vmagent's serviceaccount * Mount the serviceaccount token instead of manually creating secrets * Give the kube-rbac-proxy a unique labelset to avoid targeting wrong pods Signed-off-by: Timofei Larkin --- .../templates/etcd-proxy-scrape.yaml | 51 +++++++------------ 1 file changed, 19 insertions(+), 32 deletions(-) diff --git a/packages/system/monitoring-agents/templates/etcd-proxy-scrape.yaml b/packages/system/monitoring-agents/templates/etcd-proxy-scrape.yaml index 275a6f47..9f3ecc7c 100644 --- a/packages/system/monitoring-agents/templates/etcd-proxy-scrape.yaml +++ b/packages/system/monitoring-agents/templates/etcd-proxy-scrape.yaml @@ -1,19 +1,29 @@ {{- if .Values.scrapeRules.etcd.enabled }} +--- apiVersion: apps/v1 kind: DaemonSet metadata: name: kube-rbac-proxy namespace: cozy-monitoring labels: - app: kube-rbac-proxy + app.kubernetes.io/name: etcd + app.kubernetes.io/instance: etcd + app.kubernetes.io/part-of: control-plane + app.kubernetes.io/component: kube-rbac-proxy spec: selector: matchLabels: - app: kube-rbac-proxy + app.kubernetes.io/name: etcd + app.kubernetes.io/instance: etcd + app.kubernetes.io/part-of: control-plane + app.kubernetes.io/component: kube-rbac-proxy template: metadata: labels: - app: kube-rbac-proxy + app.kubernetes.io/name: etcd + app.kubernetes.io/instance: etcd + app.kubernetes.io/part-of: control-plane + app.kubernetes.io/component: kube-rbac-proxy spec: serviceAccountName: kube-rbac-proxy hostNetwork: true @@ -38,7 +48,6 @@ spec: runAsNonRoot: true --- - apiVersion: v1 kind: ServiceAccount metadata: @@ -46,7 +55,6 @@ metadata: namespace: cozy-monitoring --- - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -60,7 +68,6 @@ rules: verbs: ["create"] --- - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -75,15 +82,6 @@ subjects: namespace: cozy-monitoring --- - -apiVersion: v1 -kind: ServiceAccount -metadata: - name: vm-scrape - namespace: cozy-monitoring - ---- - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: @@ -93,7 +91,6 @@ rules: verbs: ["get"] --- - apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: @@ -104,21 +101,10 @@ roleRef: name: etcd-metrics-reader subjects: - kind: ServiceAccount - name: vm-scrape + name: vmagent-vmagent namespace: cozy-monitoring --- - -apiVersion: v1 -kind: Secret -type: kubernetes.io/service-account-token -metadata: - name: vm-token - annotations: - kubernetes.io/service-account.name: vm-scrape - ---- - apiVersion: operator.victoriametrics.com/v1beta1 kind: VMPodScrape metadata: @@ -129,10 +115,11 @@ spec: scheme: https tlsConfig: insecureSkipVerify: true - bearerTokenSecret: - name: vm-token - key: token + bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token selector: matchLabels: - app: kube-rbac-proxy + app.kubernetes.io/name: etcd + app.kubernetes.io/instance: etcd + app.kubernetes.io/part-of: control-plane + app.kubernetes.io/component: kube-rbac-proxy {{- end }} From 12bedef2d32b4f987b58454c27037ca7b7ffa0b9 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Fri, 11 Apr 2025 08:55:11 +0200 Subject: [PATCH 02/38] [ci] Fix release branch matching --- .github/workflows/pull-requests-release.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull-requests-release.yaml b/.github/workflows/pull-requests-release.yaml index a0896f26..5d97e5e6 100644 --- a/.github/workflows/pull-requests-release.yaml +++ b/.github/workflows/pull-requests-release.yaml @@ -51,10 +51,10 @@ jobs: with: script: | const branch = context.payload.pull_request.head.ref; - const match = branch.match(/^release-(v\d+\.\d+\.\d+(?:[-\w\.]+)?)$/); + const match = branch.match(/^release-(\d+\.\d+\.\d+(?:[-\w\.]+)?)$/); if (!match) { - core.setFailed(`Branch '${branch}' does not match expected format 'release-vX.Y.Z[-suffix]'`); + core.setFailed(`Branch '${branch}' does not match expected format 'release-X.Y.Z[-suffix]'`); } else { const tag = match[1]; core.setOutput('tag', tag); From f507802ec9437085afa07ac43baf1172f196921d Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Fri, 11 Apr 2025 11:51:25 +0300 Subject: [PATCH 03/38] (monitoring) patch for fix vlogs image Signed-off-by: kklinch0 --- packages/extra/monitoring/Chart.yaml | 2 +- packages/extra/versions_map | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/packages/extra/monitoring/Chart.yaml b/packages/extra/monitoring/Chart.yaml index 47e29462..5a9de461 100644 --- a/packages/extra/monitoring/Chart.yaml +++ b/packages/extra/monitoring/Chart.yaml @@ -3,4 +3,4 @@ name: monitoring description: Monitoring and observability stack icon: /logos/monitoring.svg type: application -version: 1.9.1 +version: 1.9.2 diff --git a/packages/extra/versions_map b/packages/extra/versions_map index cff2ce01..d4ee1e2c 100644 --- a/packages/extra/versions_map +++ b/packages/extra/versions_map @@ -34,7 +34,8 @@ monitoring 1.7.0 2a976afe monitoring 1.8.0 8c460528 monitoring 1.8.1 8267072d monitoring 1.9.0 45a7416c -monitoring 1.9.1 HEAD +monitoring 1.9.1 fd240701 +monitoring 1.9.2 HEAD seaweedfs 0.1.0 71514249 seaweedfs 0.2.0 5fb9cfe3 seaweedfs 0.2.1 fde4bcfa From 7f4af5ebbcd13c7ad53ec41dbd404d723d2124c4 Mon Sep 17 00:00:00 2001 From: kvaps Date: Fri, 11 Apr 2025 10:07:16 +0000 Subject: [PATCH 04/38] Prepare release v0.30.1 Signed-off-by: kvaps --- packages/apps/http-cache/images/nginx-cache.tag | 2 +- packages/apps/kubernetes/images/kubevirt-csi-driver.tag | 2 +- packages/core/installer/values.yaml | 2 +- packages/core/testing/values.yaml | 2 +- packages/extra/bootbox/images/matchbox.tag | 2 +- packages/extra/monitoring/images/grafana.tag | 2 +- packages/system/bucket/images/s3manager.tag | 2 +- packages/system/cozystack-api/values.yaml | 2 +- packages/system/cozystack-controller/values.yaml | 4 ++-- .../charts/kubeapps/templates/dashboard/configmap.yaml | 2 +- packages/system/dashboard/values.yaml | 4 ++-- packages/system/kamaji/values.yaml | 2 +- packages/system/kubeovn-webhook/values.yaml | 2 +- packages/system/kubeovn/values.yaml | 2 +- 14 files changed, 16 insertions(+), 16 deletions(-) diff --git a/packages/apps/http-cache/images/nginx-cache.tag b/packages/apps/http-cache/images/nginx-cache.tag index 131a2ea6..e8e62c73 100644 --- a/packages/apps/http-cache/images/nginx-cache.tag +++ b/packages/apps/http-cache/images/nginx-cache.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/nginx-cache:0.4.0@sha256:529650c1aa6ee4ceba74af35b526e4e6f4ad44d9a8a75d1f2f2dbb015cbf194c +ghcr.io/cozystack/cozystack/nginx-cache:0.4.0@sha256:bef7344da098c4dc400a9e20ffad10ac991df67d09a30026207454abbc91f28b diff --git a/packages/apps/kubernetes/images/kubevirt-csi-driver.tag b/packages/apps/kubernetes/images/kubevirt-csi-driver.tag index 92986060..fc109575 100644 --- a/packages/apps/kubernetes/images/kubevirt-csi-driver.tag +++ b/packages/apps/kubernetes/images/kubevirt-csi-driver.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.17.1@sha256:1a6605d3bff6342e12bcc257e852a4f89e97e8af6d3d259930ec07c7ad5f001d +ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.17.1@sha256:d1346d59224e6d2d07f1551af918ed31e57ba84b750122c1aeceaf9b33dd2271 diff --git a/packages/core/installer/values.yaml b/packages/core/installer/values.yaml index 695796af..69ff8629 100644 --- a/packages/core/installer/values.yaml +++ b/packages/core/installer/values.yaml @@ -1,2 +1,2 @@ cozystack: - image: ghcr.io/cozystack/cozystack/installer:v0.30.0@sha256:aba19d8524cd9d55db8dd5600be92cf53cd218507df46b4294905336603fc7cc + image: ghcr.io/cozystack/cozystack/installer:v0.30.1@sha256:29b975e1485efa98965d292d772efc11966724fef2f9b70612e398dff0eded5b diff --git a/packages/core/testing/values.yaml b/packages/core/testing/values.yaml index 3b793d2d..b44f842b 100755 --- a/packages/core/testing/values.yaml +++ b/packages/core/testing/values.yaml @@ -1,2 +1,2 @@ e2e: - image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.30.0@sha256:c887410f9004805522594680fd05d5454953613fd568c527589952294d9793e9 + image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.30.1@sha256:04dcc6161e9bdb4d30538e3706bb29c93c1d615c6f3d940f9af64d3dda2f491e diff --git a/packages/extra/bootbox/images/matchbox.tag b/packages/extra/bootbox/images/matchbox.tag index 167a87d1..067e8ffd 100644 --- a/packages/extra/bootbox/images/matchbox.tag +++ b/packages/extra/bootbox/images/matchbox.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/matchbox:v0.30.0@sha256:d67e66faf1da74d60bbfa7502eb4aa0d9ebf961bf641132e4b22a09505ed2445 +ghcr.io/cozystack/cozystack/matchbox:v0.30.1@sha256:a30e58f07c702e693f9bc052c3ef6eab443e1db8bcc86689199b2db6af14ebb7 diff --git a/packages/extra/monitoring/images/grafana.tag b/packages/extra/monitoring/images/grafana.tag index 4adf9f6b..f790713d 100644 --- a/packages/extra/monitoring/images/grafana.tag +++ b/packages/extra/monitoring/images/grafana.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/grafana:1.9.1@sha256:c63978e1ed0304e8518b31ddee56c4e8115541b997d8efbe1c0a74da57140399 +ghcr.io/cozystack/cozystack/grafana:1.9.2@sha256:fb48d37f1a9386e0023df9ac067ec2e03953b7b8c9d6abf2d12716e084f846a4 diff --git a/packages/system/bucket/images/s3manager.tag b/packages/system/bucket/images/s3manager.tag index 58040b38..b5b127ce 100644 --- a/packages/system/bucket/images/s3manager.tag +++ b/packages/system/bucket/images/s3manager.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/s3manager:v0.5.0@sha256:d008018f35fc30ad86de200e2cf3d8ab93b3d8cff303a7ffe388192b87d86ac4 +ghcr.io/cozystack/cozystack/s3manager:v0.5.0@sha256:3537d3baaf96d576148e6df17552f2ead2b7a55ba122ef542a2e99bde896d218 diff --git a/packages/system/cozystack-api/values.yaml b/packages/system/cozystack-api/values.yaml index cd84a040..33adc010 100644 --- a/packages/system/cozystack-api/values.yaml +++ b/packages/system/cozystack-api/values.yaml @@ -1,2 +1,2 @@ cozystackAPI: - image: ghcr.io/cozystack/cozystack/cozystack-api:v0.30.0@sha256:7ef370dc8aeac0a6b2a50b7d949f070eb21d267ba0a70e7fc7c1564bfe6d4f83 + image: ghcr.io/cozystack/cozystack/cozystack-api:v0.30.1@sha256:7ef370dc8aeac0a6b2a50b7d949f070eb21d267ba0a70e7fc7c1564bfe6d4f83 diff --git a/packages/system/cozystack-controller/values.yaml b/packages/system/cozystack-controller/values.yaml index fbc3e290..ae1cb9fe 100644 --- a/packages/system/cozystack-controller/values.yaml +++ b/packages/system/cozystack-controller/values.yaml @@ -1,5 +1,5 @@ cozystackController: - image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.30.0@sha256:5b87a8ea0dcde1671f44532c1ee6db11a5dd922d1a009078ecf6495ec193e52a + image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.30.1@sha256:5b87a8ea0dcde1671f44532c1ee6db11a5dd922d1a009078ecf6495ec193e52a debug: false disableTelemetry: false - cozystackVersion: "v0.30.0" + cozystackVersion: "v0.30.1" diff --git a/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml b/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml index 24f1bcf8..e3a2d4ba 100644 --- a/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml +++ b/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml @@ -76,7 +76,7 @@ data: "kubeappsNamespace": {{ .Release.Namespace | quote }}, "helmGlobalNamespace": {{ include "kubeapps.helmGlobalPackagingNamespace" . | quote }}, "carvelGlobalNamespace": {{ .Values.kubeappsapis.pluginConfig.kappController.packages.v1alpha1.globalPackagingNamespace | quote }}, - "appVersion": "v0.30.0", + "appVersion": "v0.30.1", "authProxyEnabled": {{ .Values.authProxy.enabled }}, "oauthLoginURI": {{ .Values.authProxy.oauthLoginURI | quote }}, "oauthLogoutURI": {{ .Values.authProxy.oauthLogoutURI | quote }}, diff --git a/packages/system/dashboard/values.yaml b/packages/system/dashboard/values.yaml index 71da7e38..cb725a04 100644 --- a/packages/system/dashboard/values.yaml +++ b/packages/system/dashboard/values.yaml @@ -18,13 +18,13 @@ kubeapps: image: registry: ghcr.io/cozystack/cozystack repository: dashboard - tag: v0.30.0 + tag: v0.30.1 digest: "sha256:a83fe4654f547469cfa469a02bda1273c54bca103a41eb007fdb2e18a7a91e93" kubeappsapis: image: registry: ghcr.io/cozystack/cozystack repository: kubeapps-apis - tag: v0.30.0 + tag: v0.30.1 digest: "sha256:5019c8fc4a5d4437cae32a635303ceebcb489c582092fd4bcfc04353b4582233" pluginConfig: flux: diff --git a/packages/system/kamaji/values.yaml b/packages/system/kamaji/values.yaml index 9333bfb9..ad86934a 100644 --- a/packages/system/kamaji/values.yaml +++ b/packages/system/kamaji/values.yaml @@ -3,7 +3,7 @@ kamaji: deploy: false image: pullPolicy: IfNotPresent - tag: v0.30.0@sha256:af3e4faa07c582c6c0e1630f5b33d3d179daec6576bce37164cfe1dc3efd238a + tag: v0.30.1@sha256:e6be608afa1aba23309d419cba5406a70fc510dcab8cb399fcd2064c1b48f10e repository: ghcr.io/cozystack/cozystack/kamaji resources: limits: diff --git a/packages/system/kubeovn-webhook/values.yaml b/packages/system/kubeovn-webhook/values.yaml index e2768c17..74cc3b45 100644 --- a/packages/system/kubeovn-webhook/values.yaml +++ b/packages/system/kubeovn-webhook/values.yaml @@ -1,3 +1,3 @@ portSecurity: true routes: "" -image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.30.0@sha256:fa14fa7a0ffa628eb079ddcf6ce41d75b43de92e50f489422f8fb15c4dab2dbf +image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.30.1@sha256:fa14fa7a0ffa628eb079ddcf6ce41d75b43de92e50f489422f8fb15c4dab2dbf diff --git a/packages/system/kubeovn/values.yaml b/packages/system/kubeovn/values.yaml index 1d1921bc..35b2f6c3 100644 --- a/packages/system/kubeovn/values.yaml +++ b/packages/system/kubeovn/values.yaml @@ -22,4 +22,4 @@ global: images: kubeovn: repository: kubeovn - tag: v1.13.8@sha256:46ae1fe72aec9e153fff24186eeb297b7c6f27354f050993c7a2772c68a208ef + tag: v1.13.8@sha256:385329464045cdf5e01364e9f2293edc71065a0910576a8e26ea9ac7097aae71 From 6d2ea1295e73ddbfd955d12128147f0f17bcd8bc Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Fri, 11 Apr 2025 12:41:33 +0200 Subject: [PATCH 05/38] [ci] Fix matching tag for release branch Signed-off-by: Andrei Kvapil --- .github/workflows/pull-requests-release.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull-requests-release.yaml b/.github/workflows/pull-requests-release.yaml index 5d97e5e6..49edbba3 100644 --- a/.github/workflows/pull-requests-release.yaml +++ b/.github/workflows/pull-requests-release.yaml @@ -52,11 +52,11 @@ jobs: script: | const branch = context.payload.pull_request.head.ref; const match = branch.match(/^release-(\d+\.\d+\.\d+(?:[-\w\.]+)?)$/); - + if (!match) { core.setFailed(`Branch '${branch}' does not match expected format 'release-X.Y.Z[-suffix]'`); } else { - const tag = match[1]; + const tag = `v${match[1]}`; core.setOutput('tag', tag); console.log(`✅ Extracted tag: ${tag}`); } From da8100965f106da0a105e118ce0ae40f37702606 Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Fri, 11 Apr 2025 14:50:02 +0300 Subject: [PATCH 06/38] [monitoring] add vpa for users k8s clusters Signed-off-by: kklinch0 --- packages/apps/kubernetes/Chart.yaml | 2 +- .../helmreleases/monitoring-agents.yaml | 4 +- .../vertical-pod-autoscaler-crds.yaml | 41 +++++++++++ .../helmreleases/vertical-pod-autoscaler.yaml | 69 +++++++++++++++++++ packages/apps/kubernetes/values.yaml | 7 ++ packages/apps/versions_map | 3 +- 6 files changed, 122 insertions(+), 4 deletions(-) create mode 100644 packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler-crds.yaml create mode 100644 packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml diff --git a/packages/apps/kubernetes/Chart.yaml b/packages/apps/kubernetes/Chart.yaml index 42dcbf5c..35a41f92 100644 --- a/packages/apps/kubernetes/Chart.yaml +++ b/packages/apps/kubernetes/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.17.1 +version: 0.18.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml b/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml index ab129e64..eb19f23b 100644 --- a/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml @@ -38,10 +38,10 @@ spec: - name: {{ .Release.Name }} namespace: {{ .Release.Namespace }} {{- end }} - - name: {{ .Release.Name }}-cilium - namespace: {{ .Release.Namespace }} - name: {{ .Release.Name }}-cozy-victoria-metrics-operator namespace: {{ .Release.Namespace }} + - name: {{ .Release.Name }}-vertical-pod-autoscaler-crds + namespace: {{ .Release.Namespace }} values: vmagent: externalLabels: diff --git a/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler-crds.yaml b/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler-crds.yaml new file mode 100644 index 00000000..89634565 --- /dev/null +++ b/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler-crds.yaml @@ -0,0 +1,41 @@ +{{- if .Values.addons.monitoringAgents.enabled }} +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: {{ .Release.Name }}-vertical-pod-autoscaler-crds + labels: + cozystack.io/repository: system + coztstack.io/target-cluster-name: {{ .Release.Name }} +spec: + interval: 5m + releaseName: vertical-pod-autoscaler-crds + chart: + spec: + chart: cozy-vertical-pod-autoscaler-crds + reconcileStrategy: Revision + sourceRef: + kind: HelmRepository + name: cozystack-system + namespace: cozy-system + kubeConfig: + secretRef: + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc + targetNamespace: cozy-vertical-pod-autoscaler-crds + storageNamespace: cozy-vertical-pod-autoscaler-crds + install: + createNamespace: true + remediation: + retries: -1 + upgrade: + remediation: + retries: -1 + + dependsOn: + {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }} + - name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + {{- end }} + - name: {{ .Release.Name }}-cilium + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml b/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml new file mode 100644 index 00000000..d5e17079 --- /dev/null +++ b/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml @@ -0,0 +1,69 @@ +{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} +{{- $targetTenant := index $myNS.metadata.annotations "namespace.cozystack.io/monitoring" }} +{{- if .Values.addons.monitoringAgents.enabled }} +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: {{ .Release.Name }}-vertical-pod-autoscaler + labels: + cozystack.io/repository: system + coztstack.io/target-cluster-name: {{ .Release.Name }} +spec: + interval: 5m + releaseName: vertical-pod-autoscaler + chart: + spec: + chart: cozy-vertical-pod-autoscaler + reconcileStrategy: Revision + sourceRef: + kind: HelmRepository + name: cozystack-system + namespace: cozy-system + kubeConfig: + secretRef: + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc + targetNamespace: cozy-vertical-pod-autoscaler + storageNamespace: cozy-vertical-pod-autoscaler + install: + createNamespace: true + remediation: + retries: -1 + upgrade: + remediation: + retries: -1 + values: + vertical-pod-autoscaler: + recommender: + extraArgs: + container-name-label: container + container-namespace-label: namespace + container-pod-name-label: pod + storage: prometheus + memory-saver: true + pod-label-prefix: label_ + metric-for-pod-labels: kube_pod_labels{job="kube-state-metrics", tenant="{{ .Release.Namespace }}", cluster="{{ .Release.Name }}"}[8d] + pod-name-label: pod + pod-namespace-label: namespace + prometheus-address: http://vmselect-shortterm.{{ $targetTenant }}.svc.cozy.local:8481/select/0/prometheus/ + prometheus-cadvisor-job-name: cadvisor + resources: + limits: + memory: 1600Mi + requests: + cpu: 100m + memory: 1600Mi + {{- if .Values.addons.verticalPodAutoscaler.valuesOverride }} + valuesFrom: + - kind: Secret + name: {{ .Release.Name }}-vertical-pod-autoscaler-values-override + valuesKey: values + {{- end }} + dependsOn: + {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }} + - name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + {{- end }} + - name: {{ .Release.Name }}-monitoring-agents + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/packages/apps/kubernetes/values.yaml b/packages/apps/kubernetes/values.yaml index c6982dab..9fb60221 100644 --- a/packages/apps/kubernetes/values.yaml +++ b/packages/apps/kubernetes/values.yaml @@ -70,6 +70,13 @@ addons: enabled: false valuesOverride: {} + ## VerticalPodAutoscaler + ## + verticalPodAutoscaler: + ## @param addons.verticalPodAutoscaler.valuesOverride Custom values to override + ## + valuesOverride: {} + ## @section Kamaji control plane ## kamajiControlPlane: diff --git a/packages/apps/versions_map b/packages/apps/versions_map index 9812a49d..8234bad8 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -57,7 +57,8 @@ kubernetes 0.15.1 160e4e2a kubernetes 0.15.2 8267072d kubernetes 0.16.0 077045b0 kubernetes 0.17.0 1fbbfcd0 -kubernetes 0.17.1 HEAD +kubernetes 0.17.1 fd240701 +kubernetes 0.18.0 HEAD mysql 0.1.0 263e47be mysql 0.2.0 c24a103f mysql 0.3.0 53f2365e From f90fc6f68172571bae2bb825747bc617f7621cbc Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Mon, 14 Apr 2025 13:20:28 +0300 Subject: [PATCH 07/38] [platform] fix deleting bundles Signed-off-by: kklinch0 --- .../core/installer/images/cozystack/Dockerfile | 1 + packages/core/platform/Makefile | 13 ++++++++++++- .../core/platform/templates/helmreleases.yaml | 18 ++++++++++++++++++ scripts/installer.sh | 4 ++-- 4 files changed, 33 insertions(+), 3 deletions(-) diff --git a/packages/core/installer/images/cozystack/Dockerfile b/packages/core/installer/images/cozystack/Dockerfile index ed734834..fcb2a73a 100644 --- a/packages/core/installer/images/cozystack/Dockerfile +++ b/packages/core/installer/images/cozystack/Dockerfile @@ -30,6 +30,7 @@ FROM alpine:3.21 RUN apk add --no-cache make RUN apk add helm kubectl --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community +RUN apk add yq COPY scripts /cozystack/scripts COPY --from=builder /src/packages/core /cozystack/packages/core diff --git a/packages/core/platform/Makefile b/packages/core/platform/Makefile index 6ea9828f..a2b95ddf 100644 --- a/packages/core/platform/Makefile +++ b/packages/core/platform/Makefile @@ -7,7 +7,18 @@ show: helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) apply: - helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) | kubectl apply -f- + @echo "Applying active HelmReleases..." + helm template -n $(NAMESPACE) $(NAME) . --dry-run=server \ + | yq 'select(.metadata.annotations."cozystack.io/marked-for-deletion" != "true")' - \ + | kubectl apply -f- + +delete: + @echo "Deleting marked-for-deletion HelmReleases..." + helm template -n $(NAMESPACE) $(NAME) . --dry-run=server \ + | yq 'select(.metadata.annotations."cozystack.io/marked-for-deletion" == "true")' - \ + | kubectl delete -f - --ignore-not-found=true + +reconcile: apply delete namespaces-show: helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) -s templates/namespaces.yaml diff --git a/packages/core/platform/templates/helmreleases.yaml b/packages/core/platform/templates/helmreleases.yaml index df0b1bfd..d437888f 100644 --- a/packages/core/platform/templates/helmreleases.yaml +++ b/packages/core/platform/templates/helmreleases.yaml @@ -80,3 +80,21 @@ spec: {{- end }} {{- end }} {{- end }} + +{{- range $name := $disabledComponents }} + {{- if ne $name "" }} +--- +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: {{ $name }} + namespace: {{ index $dependencyNamespaces $name | default "cozy-system" }} + annotations: + cozystack.io/marked-for-deletion: "true" + labels: + cozystack.io/repository: system + cozystack.io/system-app: "true" +spec: + suspend: true + {{- end }} +{{- end }} diff --git a/scripts/installer.sh b/scripts/installer.sh index e3032145..d7667d5a 100755 --- a/scripts/installer.sh +++ b/scripts/installer.sh @@ -70,7 +70,7 @@ make -C packages/core/platform namespaces-apply ensure_fluxcd # Install platform chart -make -C packages/core/platform apply +make -C packages/core/platform reconcile # Install basic charts if ! flux_is_ok; then @@ -93,5 +93,5 @@ done trap 'exit' INT TERM while true; do sleep 60 & wait - make -C packages/core/platform apply + make -C packages/core/platform reconcile done From 5a5cf917425f2956f5d91b46d5cb9293e516677a Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Mon, 14 Apr 2025 15:36:11 +0300 Subject: [PATCH 08/38] (platform): revert API_VERSIONS_FLAGS Signed-off-by: kklinch0 --- packages/core/platform/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/core/platform/Makefile b/packages/core/platform/Makefile index a2b95ddf..3196ed09 100644 --- a/packages/core/platform/Makefile +++ b/packages/core/platform/Makefile @@ -8,13 +8,13 @@ show: apply: @echo "Applying active HelmReleases..." - helm template -n $(NAMESPACE) $(NAME) . --dry-run=server \ + helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) \ | yq 'select(.metadata.annotations."cozystack.io/marked-for-deletion" != "true")' - \ | kubectl apply -f- delete: @echo "Deleting marked-for-deletion HelmReleases..." - helm template -n $(NAMESPACE) $(NAME) . --dry-run=server \ + helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) \ | yq 'select(.metadata.annotations."cozystack.io/marked-for-deletion" == "true")' - \ | kubectl delete -f - --ignore-not-found=true From 05d6ab951683c9e0fe07fcb6e4bee1b7f6779a46 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Mon, 14 Apr 2025 17:02:37 +0200 Subject: [PATCH 09/38] [platform] Another logic for deleting components Signed-off-by: Andrei Kvapil --- packages/core/platform/Makefile | 11 ++---- .../core/platform/templates/helmreleases.yaml | 35 ++++++++----------- 2 files changed, 16 insertions(+), 30 deletions(-) diff --git a/packages/core/platform/Makefile b/packages/core/platform/Makefile index 3196ed09..fdc8df24 100644 --- a/packages/core/platform/Makefile +++ b/packages/core/platform/Makefile @@ -7,18 +7,11 @@ show: helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) apply: - @echo "Applying active HelmReleases..." helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) \ - | yq 'select(.metadata.annotations."cozystack.io/marked-for-deletion" != "true")' - \ | kubectl apply -f- + kubectl delete helmreleases.helm.toolkit.fluxcd.io -l cozystack.io/marked-for-deletion=true -A -delete: - @echo "Deleting marked-for-deletion HelmReleases..." - helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) \ - | yq 'select(.metadata.annotations."cozystack.io/marked-for-deletion" == "true")' - \ - | kubectl delete -f - --ignore-not-found=true - -reconcile: apply delete +reconcile: apply namespaces-show: helm template -n $(NAMESPACE) $(NAME) . --dry-run=server $(API_VERSIONS_FLAGS) -s templates/namespaces.yaml diff --git a/packages/core/platform/templates/helmreleases.yaml b/packages/core/platform/templates/helmreleases.yaml index d437888f..bbd7ef6f 100644 --- a/packages/core/platform/templates/helmreleases.yaml +++ b/packages/core/platform/templates/helmreleases.yaml @@ -11,8 +11,17 @@ {{- end }} {{- range $x := $bundle.releases }} -{{- if not (has $x.name $disabledComponents) }} -{{- if or (not $x.optional) (and ($x.optional) (has $x.name $enabledComponents)) }} + +{{- $shouldInstall := true }} +{{- $shouldDelete := false }} +{{- if or (has $x.name $disabledComponents) (and ($x.optional) (not (has $x.name $enabledComponents))) }} + {{- $shouldInstall = false }} + {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" $x.namespace $x.name }} + {{- $shouldDelete = true }} + {{- end }} +{{- end }} + +{{- if or $shouldInstall $shouldDelete }} --- apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease @@ -22,6 +31,9 @@ metadata: labels: cozystack.io/repository: system cozystack.io/system-app: "true" + {{- if $shouldDelete }} + cozystack.io/marked-for-deletion: "true" + {{- end }} spec: interval: 5m releaseName: {{ $x.releaseName | default $x.name }} @@ -79,22 +91,3 @@ spec: {{- end }} {{- end }} {{- end }} -{{- end }} - -{{- range $name := $disabledComponents }} - {{- if ne $name "" }} ---- -apiVersion: helm.toolkit.fluxcd.io/v2 -kind: HelmRelease -metadata: - name: {{ $name }} - namespace: {{ index $dependencyNamespaces $name | default "cozy-system" }} - annotations: - cozystack.io/marked-for-deletion: "true" - labels: - cozystack.io/repository: system - cozystack.io/system-app: "true" -spec: - suspend: true - {{- end }} -{{- end }} From bc5635dd8e49ef6fb5715ea0a8850435e328d097 Mon Sep 17 00:00:00 2001 From: klinch0 <68821526+klinch0@users.noreply.github.com> Date: Mon, 14 Apr 2025 14:07:35 +0300 Subject: [PATCH 10/38] [monitoring] add vpa for users k8s clusters (#806) ## Summary by CodeRabbit - **Chores** - Updated the application version to 0.18.0 with refined version tracking for improved deployment clarity. - **New Features** - Enhanced the monitoring agents integration with updated dependency management. - Introduced new deployment configurations for the vertical pod autoscaler and its custom resource definitions, offering customizable override options and improved reconciliation strategies. --- packages/apps/kubernetes/Chart.yaml | 2 +- .../helmreleases/monitoring-agents.yaml | 4 +- .../vertical-pod-autoscaler-crds.yaml | 41 +++++++++++ .../helmreleases/vertical-pod-autoscaler.yaml | 69 +++++++++++++++++++ packages/apps/kubernetes/values.yaml | 7 ++ packages/apps/versions_map | 3 +- 6 files changed, 122 insertions(+), 4 deletions(-) create mode 100644 packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler-crds.yaml create mode 100644 packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml diff --git a/packages/apps/kubernetes/Chart.yaml b/packages/apps/kubernetes/Chart.yaml index 42dcbf5c..35a41f92 100644 --- a/packages/apps/kubernetes/Chart.yaml +++ b/packages/apps/kubernetes/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.17.1 +version: 0.18.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml b/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml index ab129e64..eb19f23b 100644 --- a/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/monitoring-agents.yaml @@ -38,10 +38,10 @@ spec: - name: {{ .Release.Name }} namespace: {{ .Release.Namespace }} {{- end }} - - name: {{ .Release.Name }}-cilium - namespace: {{ .Release.Namespace }} - name: {{ .Release.Name }}-cozy-victoria-metrics-operator namespace: {{ .Release.Namespace }} + - name: {{ .Release.Name }}-vertical-pod-autoscaler-crds + namespace: {{ .Release.Namespace }} values: vmagent: externalLabels: diff --git a/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler-crds.yaml b/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler-crds.yaml new file mode 100644 index 00000000..89634565 --- /dev/null +++ b/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler-crds.yaml @@ -0,0 +1,41 @@ +{{- if .Values.addons.monitoringAgents.enabled }} +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: {{ .Release.Name }}-vertical-pod-autoscaler-crds + labels: + cozystack.io/repository: system + coztstack.io/target-cluster-name: {{ .Release.Name }} +spec: + interval: 5m + releaseName: vertical-pod-autoscaler-crds + chart: + spec: + chart: cozy-vertical-pod-autoscaler-crds + reconcileStrategy: Revision + sourceRef: + kind: HelmRepository + name: cozystack-system + namespace: cozy-system + kubeConfig: + secretRef: + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc + targetNamespace: cozy-vertical-pod-autoscaler-crds + storageNamespace: cozy-vertical-pod-autoscaler-crds + install: + createNamespace: true + remediation: + retries: -1 + upgrade: + remediation: + retries: -1 + + dependsOn: + {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }} + - name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + {{- end }} + - name: {{ .Release.Name }}-cilium + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml b/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml new file mode 100644 index 00000000..d5e17079 --- /dev/null +++ b/packages/apps/kubernetes/templates/helmreleases/vertical-pod-autoscaler.yaml @@ -0,0 +1,69 @@ +{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} +{{- $targetTenant := index $myNS.metadata.annotations "namespace.cozystack.io/monitoring" }} +{{- if .Values.addons.monitoringAgents.enabled }} +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: {{ .Release.Name }}-vertical-pod-autoscaler + labels: + cozystack.io/repository: system + coztstack.io/target-cluster-name: {{ .Release.Name }} +spec: + interval: 5m + releaseName: vertical-pod-autoscaler + chart: + spec: + chart: cozy-vertical-pod-autoscaler + reconcileStrategy: Revision + sourceRef: + kind: HelmRepository + name: cozystack-system + namespace: cozy-system + kubeConfig: + secretRef: + name: {{ .Release.Name }}-admin-kubeconfig + key: super-admin.svc + targetNamespace: cozy-vertical-pod-autoscaler + storageNamespace: cozy-vertical-pod-autoscaler + install: + createNamespace: true + remediation: + retries: -1 + upgrade: + remediation: + retries: -1 + values: + vertical-pod-autoscaler: + recommender: + extraArgs: + container-name-label: container + container-namespace-label: namespace + container-pod-name-label: pod + storage: prometheus + memory-saver: true + pod-label-prefix: label_ + metric-for-pod-labels: kube_pod_labels{job="kube-state-metrics", tenant="{{ .Release.Namespace }}", cluster="{{ .Release.Name }}"}[8d] + pod-name-label: pod + pod-namespace-label: namespace + prometheus-address: http://vmselect-shortterm.{{ $targetTenant }}.svc.cozy.local:8481/select/0/prometheus/ + prometheus-cadvisor-job-name: cadvisor + resources: + limits: + memory: 1600Mi + requests: + cpu: 100m + memory: 1600Mi + {{- if .Values.addons.verticalPodAutoscaler.valuesOverride }} + valuesFrom: + - kind: Secret + name: {{ .Release.Name }}-vertical-pod-autoscaler-values-override + valuesKey: values + {{- end }} + dependsOn: + {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" .Release.Namespace .Release.Name }} + - name: {{ .Release.Name }} + namespace: {{ .Release.Namespace }} + {{- end }} + - name: {{ .Release.Name }}-monitoring-agents + namespace: {{ .Release.Namespace }} +{{- end }} diff --git a/packages/apps/kubernetes/values.yaml b/packages/apps/kubernetes/values.yaml index c6982dab..9fb60221 100644 --- a/packages/apps/kubernetes/values.yaml +++ b/packages/apps/kubernetes/values.yaml @@ -70,6 +70,13 @@ addons: enabled: false valuesOverride: {} + ## VerticalPodAutoscaler + ## + verticalPodAutoscaler: + ## @param addons.verticalPodAutoscaler.valuesOverride Custom values to override + ## + valuesOverride: {} + ## @section Kamaji control plane ## kamajiControlPlane: diff --git a/packages/apps/versions_map b/packages/apps/versions_map index 9812a49d..8234bad8 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -57,7 +57,8 @@ kubernetes 0.15.1 160e4e2a kubernetes 0.15.2 8267072d kubernetes 0.16.0 077045b0 kubernetes 0.17.0 1fbbfcd0 -kubernetes 0.17.1 HEAD +kubernetes 0.17.1 fd240701 +kubernetes 0.18.0 HEAD mysql 0.1.0 263e47be mysql 0.2.0 c24a103f mysql 0.3.0 53f2365e From e96f15773dee0b026dd955bfdce8b0a213d2d0f6 Mon Sep 17 00:00:00 2001 From: kvaps Date: Tue, 15 Apr 2025 07:42:59 +0000 Subject: [PATCH 11/38] Prepare release v0.30.2 Signed-off-by: kvaps --- packages/apps/kubernetes/images/cluster-autoscaler.tag | 2 +- packages/apps/kubernetes/images/kubevirt-cloud-provider.tag | 2 +- packages/apps/kubernetes/images/kubevirt-csi-driver.tag | 2 +- packages/core/installer/values.yaml | 2 +- packages/core/testing/values.yaml | 2 +- packages/extra/bootbox/images/matchbox.tag | 2 +- packages/extra/monitoring/images/grafana.tag | 2 +- packages/system/bucket/images/s3manager.tag | 2 +- packages/system/cozystack-api/values.yaml | 2 +- packages/system/cozystack-controller/values.yaml | 4 ++-- .../charts/kubeapps/templates/dashboard/configmap.yaml | 2 +- packages/system/dashboard/values.yaml | 6 +++--- packages/system/kamaji/values.yaml | 2 +- packages/system/kubeovn-webhook/values.yaml | 2 +- packages/system/kubeovn/values.yaml | 2 +- 15 files changed, 18 insertions(+), 18 deletions(-) diff --git a/packages/apps/kubernetes/images/cluster-autoscaler.tag b/packages/apps/kubernetes/images/cluster-autoscaler.tag index fc8cf0dd..79b8f1fe 100644 --- a/packages/apps/kubernetes/images/cluster-autoscaler.tag +++ b/packages/apps/kubernetes/images/cluster-autoscaler.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/cluster-autoscaler:0.17.1@sha256:85371c6aabf5a7fea2214556deac930c600e362f92673464fe2443784e2869c3 +ghcr.io/cozystack/cozystack/cluster-autoscaler:0.18.0@sha256:85371c6aabf5a7fea2214556deac930c600e362f92673464fe2443784e2869c3 diff --git a/packages/apps/kubernetes/images/kubevirt-cloud-provider.tag b/packages/apps/kubernetes/images/kubevirt-cloud-provider.tag index 7b8702e1..3da7f1c6 100644 --- a/packages/apps/kubernetes/images/kubevirt-cloud-provider.tag +++ b/packages/apps/kubernetes/images/kubevirt-cloud-provider.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/kubevirt-cloud-provider:0.17.1@sha256:795d8e1ef4b2b0df2aa1e09d96cd13476ebb545b4bf4b5779b7547a70ef64cf9 +ghcr.io/cozystack/cozystack/kubevirt-cloud-provider:0.18.0@sha256:795d8e1ef4b2b0df2aa1e09d96cd13476ebb545b4bf4b5779b7547a70ef64cf9 diff --git a/packages/apps/kubernetes/images/kubevirt-csi-driver.tag b/packages/apps/kubernetes/images/kubevirt-csi-driver.tag index fc109575..a06f4311 100644 --- a/packages/apps/kubernetes/images/kubevirt-csi-driver.tag +++ b/packages/apps/kubernetes/images/kubevirt-csi-driver.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.17.1@sha256:d1346d59224e6d2d07f1551af918ed31e57ba84b750122c1aeceaf9b33dd2271 +ghcr.io/cozystack/cozystack/kubevirt-csi-driver:0.18.0@sha256:6f9091c3e7e4951c5e43fdafd505705fcc9f1ead290ee3ae42e97e9ec2b87b20 diff --git a/packages/core/installer/values.yaml b/packages/core/installer/values.yaml index 69ff8629..bc00caf1 100644 --- a/packages/core/installer/values.yaml +++ b/packages/core/installer/values.yaml @@ -1,2 +1,2 @@ cozystack: - image: ghcr.io/cozystack/cozystack/installer:v0.30.1@sha256:29b975e1485efa98965d292d772efc11966724fef2f9b70612e398dff0eded5b + image: ghcr.io/cozystack/cozystack/installer:v0.30.2@sha256:59996588b5d59b5593fb34442b2f2ed8ef466d138b229a8d37beb6f70141a690 diff --git a/packages/core/testing/values.yaml b/packages/core/testing/values.yaml index b44f842b..ce5b1eeb 100755 --- a/packages/core/testing/values.yaml +++ b/packages/core/testing/values.yaml @@ -1,2 +1,2 @@ e2e: - image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.30.1@sha256:04dcc6161e9bdb4d30538e3706bb29c93c1d615c6f3d940f9af64d3dda2f491e + image: ghcr.io/cozystack/cozystack/e2e-sandbox:v0.30.2@sha256:31273d6b42dc88c2be2ff9ba64564d1b12e70ae8a5480953341b0d113ac7d4bd diff --git a/packages/extra/bootbox/images/matchbox.tag b/packages/extra/bootbox/images/matchbox.tag index 067e8ffd..499055a6 100644 --- a/packages/extra/bootbox/images/matchbox.tag +++ b/packages/extra/bootbox/images/matchbox.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/matchbox:v0.30.1@sha256:a30e58f07c702e693f9bc052c3ef6eab443e1db8bcc86689199b2db6af14ebb7 +ghcr.io/cozystack/cozystack/matchbox:v0.30.2@sha256:307d382f75f1dcb39820c73b93b2ce576cdb6d58032679bda7d926999c677900 diff --git a/packages/extra/monitoring/images/grafana.tag b/packages/extra/monitoring/images/grafana.tag index f790713d..73fca310 100644 --- a/packages/extra/monitoring/images/grafana.tag +++ b/packages/extra/monitoring/images/grafana.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/grafana:1.9.2@sha256:fb48d37f1a9386e0023df9ac067ec2e03953b7b8c9d6abf2d12716e084f846a4 +ghcr.io/cozystack/cozystack/grafana:1.9.2@sha256:c63978e1ed0304e8518b31ddee56c4e8115541b997d8efbe1c0a74da57140399 diff --git a/packages/system/bucket/images/s3manager.tag b/packages/system/bucket/images/s3manager.tag index b5b127ce..779c0b7d 100644 --- a/packages/system/bucket/images/s3manager.tag +++ b/packages/system/bucket/images/s3manager.tag @@ -1 +1 @@ -ghcr.io/cozystack/cozystack/s3manager:v0.5.0@sha256:3537d3baaf96d576148e6df17552f2ead2b7a55ba122ef542a2e99bde896d218 +ghcr.io/cozystack/cozystack/s3manager:v0.5.0@sha256:a47d2743d01bff0ce60aa745fdff54f9b7184dff8679b11ab4ecd08ac663012b diff --git a/packages/system/cozystack-api/values.yaml b/packages/system/cozystack-api/values.yaml index 33adc010..a669a153 100644 --- a/packages/system/cozystack-api/values.yaml +++ b/packages/system/cozystack-api/values.yaml @@ -1,2 +1,2 @@ cozystackAPI: - image: ghcr.io/cozystack/cozystack/cozystack-api:v0.30.1@sha256:7ef370dc8aeac0a6b2a50b7d949f070eb21d267ba0a70e7fc7c1564bfe6d4f83 + image: ghcr.io/cozystack/cozystack/cozystack-api:v0.30.2@sha256:7ef370dc8aeac0a6b2a50b7d949f070eb21d267ba0a70e7fc7c1564bfe6d4f83 diff --git a/packages/system/cozystack-controller/values.yaml b/packages/system/cozystack-controller/values.yaml index ae1cb9fe..fdfe2481 100644 --- a/packages/system/cozystack-controller/values.yaml +++ b/packages/system/cozystack-controller/values.yaml @@ -1,5 +1,5 @@ cozystackController: - image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.30.1@sha256:5b87a8ea0dcde1671f44532c1ee6db11a5dd922d1a009078ecf6495ec193e52a + image: ghcr.io/cozystack/cozystack/cozystack-controller:v0.30.2@sha256:5b87a8ea0dcde1671f44532c1ee6db11a5dd922d1a009078ecf6495ec193e52a debug: false disableTelemetry: false - cozystackVersion: "v0.30.1" + cozystackVersion: "v0.30.2" diff --git a/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml b/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml index e3a2d4ba..b1409d89 100644 --- a/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml +++ b/packages/system/dashboard/charts/kubeapps/templates/dashboard/configmap.yaml @@ -76,7 +76,7 @@ data: "kubeappsNamespace": {{ .Release.Namespace | quote }}, "helmGlobalNamespace": {{ include "kubeapps.helmGlobalPackagingNamespace" . | quote }}, "carvelGlobalNamespace": {{ .Values.kubeappsapis.pluginConfig.kappController.packages.v1alpha1.globalPackagingNamespace | quote }}, - "appVersion": "v0.30.1", + "appVersion": "v0.30.2", "authProxyEnabled": {{ .Values.authProxy.enabled }}, "oauthLoginURI": {{ .Values.authProxy.oauthLoginURI | quote }}, "oauthLogoutURI": {{ .Values.authProxy.oauthLogoutURI | quote }}, diff --git a/packages/system/dashboard/values.yaml b/packages/system/dashboard/values.yaml index cb725a04..828a5897 100644 --- a/packages/system/dashboard/values.yaml +++ b/packages/system/dashboard/values.yaml @@ -18,14 +18,14 @@ kubeapps: image: registry: ghcr.io/cozystack/cozystack repository: dashboard - tag: v0.30.1 + tag: v0.30.2 digest: "sha256:a83fe4654f547469cfa469a02bda1273c54bca103a41eb007fdb2e18a7a91e93" kubeappsapis: image: registry: ghcr.io/cozystack/cozystack repository: kubeapps-apis - tag: v0.30.1 - digest: "sha256:5019c8fc4a5d4437cae32a635303ceebcb489c582092fd4bcfc04353b4582233" + tag: v0.30.2 + digest: "sha256:3b5805b56f2fb9fd25f4aa389cdfbbb28a3f2efb02245c52085a45d1dc62bf92" pluginConfig: flux: packages: diff --git a/packages/system/kamaji/values.yaml b/packages/system/kamaji/values.yaml index ad86934a..7abe514e 100644 --- a/packages/system/kamaji/values.yaml +++ b/packages/system/kamaji/values.yaml @@ -3,7 +3,7 @@ kamaji: deploy: false image: pullPolicy: IfNotPresent - tag: v0.30.1@sha256:e6be608afa1aba23309d419cba5406a70fc510dcab8cb399fcd2064c1b48f10e + tag: v0.30.2@sha256:e04f68e4cc5b023ed39ce2242b32aee51f97235371602239d0c4a9cea97c8d0d repository: ghcr.io/cozystack/cozystack/kamaji resources: limits: diff --git a/packages/system/kubeovn-webhook/values.yaml b/packages/system/kubeovn-webhook/values.yaml index 74cc3b45..db3c347e 100644 --- a/packages/system/kubeovn-webhook/values.yaml +++ b/packages/system/kubeovn-webhook/values.yaml @@ -1,3 +1,3 @@ portSecurity: true routes: "" -image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.30.1@sha256:fa14fa7a0ffa628eb079ddcf6ce41d75b43de92e50f489422f8fb15c4dab2dbf +image: ghcr.io/cozystack/cozystack/kubeovn-webhook:v0.30.2@sha256:fa14fa7a0ffa628eb079ddcf6ce41d75b43de92e50f489422f8fb15c4dab2dbf diff --git a/packages/system/kubeovn/values.yaml b/packages/system/kubeovn/values.yaml index 35b2f6c3..f66fc737 100644 --- a/packages/system/kubeovn/values.yaml +++ b/packages/system/kubeovn/values.yaml @@ -22,4 +22,4 @@ global: images: kubeovn: repository: kubeovn - tag: v1.13.8@sha256:385329464045cdf5e01364e9f2293edc71065a0910576a8e26ea9ac7097aae71 + tag: v1.13.8@sha256:071a93df2dce484b347bbace75934ca9e1743668bfe6f1161ba307dee204767d From 7dbb8a1d754973c41d666c0eb1e3f7969e38b6b8 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Wed, 16 Apr 2025 12:06:13 +0200 Subject: [PATCH 12/38] [ci] Update pipeline for patch releases Signed-off-by: Andrei Kvapil Co-authored-by: Nick Volynkin --- .github/workflows/pull-requests-release.yaml | 4 +- .github/workflows/tags.yaml | 68 ++++++++++++++------ 2 files changed, 52 insertions(+), 20 deletions(-) diff --git a/.github/workflows/pull-requests-release.yaml b/.github/workflows/pull-requests-release.yaml index 49edbba3..790c9188 100644 --- a/.github/workflows/pull-requests-release.yaml +++ b/.github/workflows/pull-requests-release.yaml @@ -68,8 +68,8 @@ jobs: - name: Create tag on merged commit run: | - git tag ${{ steps.get_tag.outputs.tag }} ${{ github.sha }} - git push origin ${{ steps.get_tag.outputs.tag }} + git tag ${{ steps.get_tag.outputs.tag }} ${{ github.sha }} --force + git push origin ${{ steps.get_tag.outputs.tag }} --force - name: Publish draft release uses: actions/github-script@v7 diff --git a/.github/workflows/tags.yaml b/.github/workflows/tags.yaml index 53992c61..44bc8479 100644 --- a/.github/workflows/tags.yaml +++ b/.github/workflows/tags.yaml @@ -1,6 +1,7 @@ name: Versioned Tag on: + # Trigger on push if it includes a tag like vX.Y.Z push: tags: - 'v*.*.*' @@ -15,6 +16,7 @@ jobs: pull-requests: write steps: + # 1) Check if a non-draft release with this tag already exists - name: Check if release already exists id: check_release uses: actions/github-script@v7 @@ -25,7 +27,6 @@ jobs: owner: context.repo.owner, repo: context.repo.repo }); - const existing = releases.data.find(r => r.tag_name === tag && !r.draft); if (existing) { core.setOutput('skip', 'true'); @@ -33,10 +34,39 @@ jobs: core.setOutput('skip', 'false'); } + # If a published release already exists, skip the rest of the workflow - name: Skip if release already exists if: steps.check_release.outputs.skip == 'true' run: echo "Release already exists, skipping workflow." + # 2) Determine the base branch from which the tag was pushed + - name: Get base branch + if: steps.check_release.outputs.skip == 'false' + id: get_base + uses: actions/github-script@v7 + with: + script: | + /* + For a push event with a tag, GitHub sets context.payload.base_ref + if the tag was pushed from a branch. + If it's empty, we can't determine the correct base branch and must fail. + */ + const baseRef = context.payload.base_ref; + if (!baseRef) { + core.setFailed(`❌ base_ref is empty. Make sure you push the tag from a branch (e.g. 'git push origin HEAD:refs/tags/vX.Y.Z').`); + return; + } + + const shortBranch = baseRef.replace("refs/heads/", ""); + const releasePattern = /^release-\d+\.\d+$/; + if (shortBranch !== "main" && !releasePattern.test(shortBranch)) { + core.setFailed(`❌ Tagged commit must belong to branch 'main' or 'release-X.Y'. Got '${shortBranch}'`); + return; + } + + core.setOutput('branch', shortBranch); + + # 3) Checkout full git history and tags - name: Checkout code if: steps.check_release.outputs.skip == 'false' uses: actions/checkout@v4 @@ -44,6 +74,7 @@ jobs: fetch-depth: 0 fetch-tags: true + # 4) Login to GitHub Container Registry - name: Login to GitHub Container Registry if: steps.check_release.outputs.skip == 'false' uses: docker/login-action@v3 @@ -52,10 +83,12 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} registry: ghcr.io + # 5) Build project artifacts - name: Build if: steps.check_release.outputs.skip == 'false' run: make build + # 6) Optionally commit built artifacts to the repository - name: Commit release artifacts if: steps.check_release.outputs.skip == 'false' env: @@ -67,6 +100,7 @@ jobs: git add . git commit -m "Prepare release ${GITHUB_REF#refs/tags/}" -s || echo "No changes to commit" + # 7) Create a release branch like release-X.Y.Z - name: Create release branch if: steps.check_release.outputs.skip == 'false' run: | @@ -74,48 +108,48 @@ jobs: git branch -f "$BRANCH_NAME" git push origin "$BRANCH_NAME" --force + # 8) Create a pull request from release-X.Y.Z to the original base branch - name: Create pull request if not exists if: steps.check_release.outputs.skip == 'false' uses: actions/github-script@v7 with: script: | const version = context.ref.replace('refs/tags/v', ''); - const branch = `release-${version}`; - const base = 'main'; - + const base = '${{ steps.get_base.outputs.branch }}'; + const head = `release-${version}`; + const prs = await github.rest.pulls.list({ owner: context.repo.owner, repo: context.repo.repo, - head: `${context.repo.owner}:${branch}`, + head: `${context.repo.owner}:${head}`, base }); - + if (prs.data.length === 0) { const newPr = await github.rest.pulls.create({ owner: context.repo.owner, repo: context.repo.repo, - head: branch, - base: base, + head, + base, title: `Release v${version}`, body: `This PR prepares the release \`v${version}\`.\n` + `(Please merge it before releasing draft)`, draft: false }); - - console.log(`Created pull request #${newPr.data.number} from ${branch} to ${base}`); - + + console.log(`Created pull request #${newPr.data.number} from ${head} to ${base}`); await github.rest.issues.addLabels({ owner: context.repo.owner, repo: context.repo.repo, issue_number: newPr.data.number, labels: ['release'] }); - } else { - console.log(`Pull request already exists from ${branch} to ${base}`); + console.log(`Pull request already exists from ${head} to ${base}`); } + # 9) Create or reuse an existing draft GitHub release for this tag - name: Create or reuse draft release if: steps.check_release.outputs.skip == 'false' id: create_release @@ -141,22 +175,20 @@ jobs: } core.setOutput('upload_url', release.upload_url); + # 10) Build additional assets for the release (if needed) - name: Build assets if: steps.check_release.outputs.skip == 'false' run: make assets env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # 11) Upload assets to the draft release - name: Upload assets if: steps.check_release.outputs.skip == 'false' run: make upload_assets VERSION=${GITHUB_REF#refs/tags/} env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Delete pushed tag - if: steps.check_release.outputs.skip == 'false' - run: | - git push --delete origin ${GITHUB_REF#refs/tags/} - + # 12) Run tests - name: Run tests run: make test From ffe6109dfb9414f47943b7da519179e0a4ebdd97 Mon Sep 17 00:00:00 2001 From: Nick Volynkin Date: Wed, 16 Apr 2025 15:27:19 +0300 Subject: [PATCH 13/38] [docs] Describe the Cozystack release workflow Resolves #127 Co-authored-by: Andrei Kvapil Signed-off-by: Nick Volynkin --- docs/release.md | 139 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 139 insertions(+) create mode 100644 docs/release.md diff --git a/docs/release.md b/docs/release.md new file mode 100644 index 00000000..062b7a56 --- /dev/null +++ b/docs/release.md @@ -0,0 +1,139 @@ +# Release Workflow + +This section explains how Cozystack builds and releases are made. + +## Regular Releases + +When making regular releases, we take a commit in `main` and decide to make it a release `x.y.0`. +In this explanation, we'll use version `v0.42.0` as an example: + +```mermaid +gitGraph + commit id: "feature" + commit id: "feature 2" + commit id: "feature 3" tag: "v0.42.0" +``` + +A regular release sequence starts in the following way: + +1. Maintainer tags a commit in `main` with `v0.42.0` and pushes it to GitHub. +2. CI workflow triggers on tag push: + 1. Creates a draft page for release `v0.42.0`, if it wasn't created before. + 2. Takes code from tag `v0.42.0`, builds images, and pushes them to ghcr.io. + 3. Makes a new commit `Prepare release v0.42.0` with updated digests, pushes it to the new branch `release-0.42.0`, and opens a PR to `main`. + 4. Builds Cozystack release assets from the new commit `Prepare release v0.42.0` and uploads them to the release draft page. +3. Maintainer reviews PR, tests build artifacts, and edits changelogs on the release draft page. + + ```mermaid + gitGraph + commit id: "feature" + commit id: "feature 2" + commit id: "feature 3" tag: "v0.42.0" + branch release-0.42.0 + checkout release-0.42.0 + commit id: "Prepare release v0.42.0" + checkout main + merge release-0.42.0 id: "Pull Request" + ``` + + When testing and editing are completed, the sequence goes on. + +4. Maintainer merges the PR. GitHub removes the merged branch `release-0.42.0`. +5. CI workflow triggers on merge: + 1. Moves the tag `v0.42.0` to the newly created merge commit by force-pushing a tag to GitHub. + 2. Publishes the release page (`draft` → `latest`). +6. The maintainer can now announce the release to the community. + +```mermaid +gitGraph + commit id: "feature" + commit id: "feature 2" + commit id: "feature 3" + branch release-0.42.0 + checkout release-0.42.0 + commit id: "Prepare release v0.42.0" + checkout main + merge release-0.42.0 id: "Release v0.42.0" tag: "v0.42.0" +``` + +## Patch Releases + +Making a patch release has a lot in common with a regular release, with a couple of differences: + +* A release branch is used instead of `main` +* Patch commits are cherry-picked to the release branch. +* A pull request is opened against the release branch. + + +Let's assume that we've released `v0.42.0` and that development is ongoing. +We have introduced a couple of new features and some fixes to features that we have released +in `v0.42.0`. + +Once problems were found and fixed, a patch release is due. + +```mermaid +gitGraph + commit id: "Release v0.42.0" tag: "v0.42.0" + checkout main + commit id: "feature 4" + commit id: "patch 1" + commit id: "feature 5" + commit id: "patch 2" +``` + + +1. The maintainer creates a release branch, `release-0.42,` and cherry-picks patch commits from `main` to `release-0.42`. + These must be only patches to features that were present in version `v0.42.0`. + + Cherry-picking can be done as soon as each patch is merged into `main`, + or directly before the release. + + ```mermaid + gitGraph + commit id: "Release v0.42.0" tag: "v0.42.0" + branch release-0.42 + checkout main + commit id: "feature 4" + commit id: "patch 1" + commit id: "feature 5" + commit id: "patch 2" + checkout release-0.42 + cherry-pick id: "patch 1" + cherry-pick id: "patch 2" + ``` + + When all relevant patch commits are cherry-picked, the branch is ready for release. + +2. The maintainer tags the `HEAD` commit of branch `release-0.42` as `v0.42.1` and then pushes it to GitHub. +3. CI workflow triggers on tag push: + 1. Creates a draft page for release `v0.42.1`, if it wasn't created before. + 2. Takes code from tag `v0.42.1`, builds images, and pushes them to ghcr.io. + 3. Makes a new commit `Prepare release v0.42.1` with updated digests, pushes it to the new branch `release-0.42.1`, and opens a PR to `release-0.42`. + 4. Builds Cozystack release assets from the new commit `Prepare release v0.42.1` and uploads them to the release draft page. +4. Maintainer reviews PR, tests build artifacts, and edits changelogs on the release draft page. + + ```mermaid + gitGraph + commit id: "Release v0.42.0" tag: "v0.42.0" + branch release-0.42 + checkout main + commit id: "feature 4" + commit id: "patch 1" + commit id: "feature 5" + commit id: "patch 2" + checkout release-0.42 + cherry-pick id: "patch 1" + cherry-pick id: "patch 2" tag: "v0.42.1" + branch release-0.42.1 + commit id: "Prepare release v0.42.1" + checkout release-0.42 + merge release-0.42.1 id: "Pull request" + ``` + + Finally, when release is confirmed, the release sequence goes on. + +5. Maintainer merges the PR. GitHub removes the merged branch `release-0.42.1`. +6. CI workflow triggers on merge: + 1. Moves the tag `v0.42.1` to the newly created merge commit by force-pushing a tag to GitHub. + 2. Publishes the release page (`draft` → `latest`). +7. The maintainer can now announce the release to the community. From 4e9446d93451ac9c4053f18284bfaa4711a0a5b9 Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Thu, 17 Apr 2025 21:37:49 +0300 Subject: [PATCH 14/38] [monitoring] fix vpa for vmagent delete resources Signed-off-by: kklinch0 --- packages/system/monitoring-agents/templates/vmagent.yaml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/packages/system/monitoring-agents/templates/vmagent.yaml b/packages/system/monitoring-agents/templates/vmagent.yaml index 78c6d46f..af852c73 100644 --- a/packages/system/monitoring-agents/templates/vmagent.yaml +++ b/packages/system/monitoring-agents/templates/vmagent.yaml @@ -20,12 +20,8 @@ spec: additionalScrapeConfigs: name: additional-scrape-configs key: prometheus-additional.yaml - resources: - limits: - memory: 1024Mi - requests: - cpu: 50m - memory: 768Mi + resources: {} + configReloaderResources: {} #statefulMode: true #statefulStorage: # volumeClaimTemplate: From 8f535acc3f164889e2ad4107aaad1cbba3419e54 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Thu, 17 Apr 2025 23:23:48 +0200 Subject: [PATCH 15/38] [ci] Fix: do not run tests in case of release skipped Signed-off-by: Andrei Kvapil --- .github/workflows/tags.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/tags.yaml b/.github/workflows/tags.yaml index 44bc8479..374e8bfa 100644 --- a/.github/workflows/tags.yaml +++ b/.github/workflows/tags.yaml @@ -191,4 +191,5 @@ jobs: # 12) Run tests - name: Run tests + if: steps.check_release.outputs.skip == 'false' run: make test From fe4806ce4966374d9da7e4ab4b05b6d49318daa8 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Thu, 17 Apr 2025 23:29:04 +0200 Subject: [PATCH 16/38] [ci] Revert: Workflows: Use real username to commit changes and fix assets Signed-off-by: Andrei Kvapil --- .github/workflows/tags.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tags.yaml b/.github/workflows/tags.yaml index 44bc8479..e951186c 100644 --- a/.github/workflows/tags.yaml +++ b/.github/workflows/tags.yaml @@ -95,8 +95,8 @@ jobs: GIT_AUTHOR_NAME: ${{ github.actor }} GIT_AUTHOR_EMAIL: ${{ github.actor }}@users.noreply.github.com run: | - git config user.name "$GIT_AUTHOR_NAME" - git config user.email "$GIT_AUTHOR_EMAIL" + git config user.name "github-actions" + git config user.email "github-actions@github.com" git add . git commit -m "Prepare release ${GITHUB_REF#refs/tags/}" -s || echo "No changes to commit" From 73a3f481bc2a1fae109c1cbab91ae15c30c3e535 Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Fri, 18 Apr 2025 15:00:08 +0300 Subject: [PATCH 17/38] (platform): make lower resource request for capi-kamaji-controller-manager Signed-off-by: kklinch0 --- packages/system/capi-providers/templates/providers.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/packages/system/capi-providers/templates/providers.yaml b/packages/system/capi-providers/templates/providers.yaml index f6cd7870..18ae6c7d 100644 --- a/packages/system/capi-providers/templates/providers.yaml +++ b/packages/system/capi-providers/templates/providers.yaml @@ -21,6 +21,9 @@ spec: limits: cpu: "1" memory: 1024Mi + requests: + cpu: "10m" + memory: 128Mi --- apiVersion: operator.cluster.x-k8s.io/v1alpha2 kind: BootstrapProvider From be84fc6e4ebf330d2b25702a0e3d604b427445a6 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 09:48:53 +0200 Subject: [PATCH 18/38] Fix: installing HelmReleases on initial setup Signed-off-by: Andrei Kvapil --- .../core/platform/templates/helmreleases.yaml | 24 ++++++++++--------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/packages/core/platform/templates/helmreleases.yaml b/packages/core/platform/templates/helmreleases.yaml index bbd7ef6f..ef04d3cc 100644 --- a/packages/core/platform/templates/helmreleases.yaml +++ b/packages/core/platform/templates/helmreleases.yaml @@ -7,7 +7,7 @@ {{/* collect dependency namespaces from releases */}} {{- range $x := $bundle.releases }} -{{- $_ := set $dependencyNamespaces $x.name $x.namespace }} +{{- $_ := set $dependencyNamespaces $x.name $x.namespace }} {{- end }} {{- range $x := $bundle.releases }} @@ -15,10 +15,12 @@ {{- $shouldInstall := true }} {{- $shouldDelete := false }} {{- if or (has $x.name $disabledComponents) (and ($x.optional) (not (has $x.name $enabledComponents))) }} - {{- $shouldInstall = false }} - {{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" $x.namespace $x.name }} - {{- $shouldDelete = true }} - {{- end }} +{{- $shouldInstall = false }} +{{- if $.Capabilities.APIVersions.Has "helm.toolkit.fluxcd.io/v2" }} +{{- if lookup "helm.toolkit.fluxcd.io/v2" "HelmRelease" $x.namespace $x.name }} +{{- $shouldDelete = true }} +{{- end }} +{{- end }} {{- end }} {{- if or $shouldInstall $shouldDelete }} @@ -59,10 +61,10 @@ spec: {{- end }} {{- $values := dict }} {{- with $x.values }} - {{- $values = merge . $values }} + {{- $values = merge . $values }} {{- end }} {{- with index $cozyConfig.data (printf "values-%s" $x.name) }} - {{- $values = merge (fromYaml .) $values }} + {{- $values = merge (fromYaml .) $values }} {{- end }} {{- with $values }} values: @@ -82,12 +84,12 @@ spec: {{- with $x.dependsOn }} dependsOn: - {{- range $dep := . }} - {{- if not (has $dep $disabledComponents) }} + {{- range $dep := . }} + {{- if not (has $dep $disabledComponents) }} - name: {{ $dep }} namespace: {{ index $dependencyNamespaces $dep }} - {{- end }} - {{- end }} + {{- end }} + {{- end }} {{- end }} {{- end }} {{- end }} From eeaa1b45174451edadb8c72ddcb17bf45abbd1a4 Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Tue, 22 Apr 2025 12:38:46 +0300 Subject: [PATCH 19/38] [platform]: add migration for kube-rbac-proxy daemonset Signed-off-by: kklinch0 --- scripts/installer.sh | 2 +- scripts/migrations/11 | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 scripts/migrations/11 diff --git a/scripts/installer.sh b/scripts/installer.sh index d7667d5a..47dc965c 100755 --- a/scripts/installer.sh +++ b/scripts/installer.sh @@ -3,7 +3,7 @@ set -o pipefail set -e BUNDLE=$(set -x; kubectl get configmap -n cozy-system cozystack -o 'go-template={{index .data "bundle-name"}}') -VERSION=10 +VERSION=12 run_migrations() { if ! kubectl get configmap -n cozy-system cozystack-version; then diff --git a/scripts/migrations/11 b/scripts/migrations/11 new file mode 100644 index 00000000..7ef9486a --- /dev/null +++ b/scripts/migrations/11 @@ -0,0 +1,18 @@ +#!/bin/sh +# Migration 11 --> 12 + +# Recreate daemonset kube-rbac-proxy + +if kubectl get daemonset kube-rbac-proxy -n cozy-monitoring; then + kubectl delete daemonset kube-rbac-proxy --cascade=orphan -n cozy-monitoring +fi + +if kubectl get helmrelease monitoring-agents -n cozy-monitoring; then + timestamp=$(date --rfc-3339=ns) + kubectl annotate helmrelease monitoring-agents -n cozy-monitoring \ + reconcile.fluxcd.io/forceAt="$timestamp" \ + reconcile.fluxcd.io/requestedAt="$timestamp" \ + --overwrite +fi + +kubectl delete pods -l app.kubernetes.io/component=kube-rbac-proxy -n cozy-monitoring From 1d0ee15948f48f911630b88cd01623d887cc7758 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 11:29:16 +0200 Subject: [PATCH 20/38] [kubernetes] Fix tenant addons removal Signed-off-by: Andrei Kvapil --- packages/apps/kubernetes/Chart.yaml | 2 +- packages/apps/kubernetes/templates/helmreleases/delete.yaml | 6 ++++++ packages/apps/versions_map | 3 ++- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/packages/apps/kubernetes/Chart.yaml b/packages/apps/kubernetes/Chart.yaml index 35a41f92..cc8b5a83 100644 --- a/packages/apps/kubernetes/Chart.yaml +++ b/packages/apps/kubernetes/Chart.yaml @@ -16,7 +16,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.18.0 +version: 0.18.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/packages/apps/kubernetes/templates/helmreleases/delete.yaml b/packages/apps/kubernetes/templates/helmreleases/delete.yaml index 30cd5586..35cacedb 100644 --- a/packages/apps/kubernetes/templates/helmreleases/delete.yaml +++ b/packages/apps/kubernetes/templates/helmreleases/delete.yaml @@ -32,6 +32,9 @@ spec: {{ .Release.Name }}-cilium {{ .Release.Name }}-csi {{ .Release.Name }}-cert-manager + {{ .Release.Name }}-cert-manager-crds + {{ .Release.Name }}-vertical-pod-autoscaler + {{ .Release.Name }}-vertical-pod-autoscaler-crds {{ .Release.Name }}-ingress-nginx {{ .Release.Name }}-fluxcd-operator {{ .Release.Name }}-fluxcd @@ -67,6 +70,9 @@ rules: - {{ .Release.Name }}-cilium - {{ .Release.Name }}-csi - {{ .Release.Name }}-cert-manager + - {{ .Release.Name }}-cert-manager-crds + - {{ .Release.Name }}-vertical-pod-autoscaler + - {{ .Release.Name }}-vertical-pod-autoscaler-crds - {{ .Release.Name }}-ingress-nginx - {{ .Release.Name }}-fluxcd-operator - {{ .Release.Name }}-fluxcd diff --git a/packages/apps/versions_map b/packages/apps/versions_map index 8234bad8..a1175417 100644 --- a/packages/apps/versions_map +++ b/packages/apps/versions_map @@ -58,7 +58,8 @@ kubernetes 0.15.2 8267072d kubernetes 0.16.0 077045b0 kubernetes 0.17.0 1fbbfcd0 kubernetes 0.17.1 fd240701 -kubernetes 0.18.0 HEAD +kubernetes 0.18.0 721c12a7 +kubernetes 0.18.1 HEAD mysql 0.1.0 263e47be mysql 0.2.0 c24a103f mysql 0.3.0 53f2365e From fde6e9cc737e774ea0d1f63b5d6e1f65c9b4a01f Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Tue, 22 Apr 2025 13:05:45 +0300 Subject: [PATCH 21/38] [platform]: add migration for kube-rbac-proxy daemonset Signed-off-by: kklinch0 --- packages/core/platform/bundles/paas-full.yaml | 3 + .../core/platform/bundles/paas-hosted.yaml | 3 + packages/system/dashboard/templates/vpa.yaml | 80 +++++++++++++++++++ packages/system/dashboard/values.yaml | 2 + .../templates/configure-kk.yaml | 1 + scripts/migrations/10 | 12 +++ 6 files changed, 101 insertions(+) create mode 100644 packages/system/dashboard/templates/vpa.yaml create mode 100644 scripts/migrations/10 diff --git a/packages/core/platform/bundles/paas-full.yaml b/packages/core/platform/bundles/paas-full.yaml index ca5b3f64..74806d9e 100644 --- a/packages/core/platform/bundles/paas-full.yaml +++ b/packages/core/platform/bundles/paas-full.yaml @@ -270,7 +270,10 @@ releases: {{- end }} {{- end }} {{- end }} + frontend: + resourcesPreset: "none" dashboard: + resourcesPreset: "none" {{- $cozystackBranding:= lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" }} {{- $branding := dig "data" "branding" "" $cozystackBranding }} {{- if $branding }} diff --git a/packages/core/platform/bundles/paas-hosted.yaml b/packages/core/platform/bundles/paas-hosted.yaml index 8b59fd81..f082b3bb 100644 --- a/packages/core/platform/bundles/paas-hosted.yaml +++ b/packages/core/platform/bundles/paas-hosted.yaml @@ -168,7 +168,10 @@ releases: {{- end }} {{- end }} {{- end }} + frontend: + resourcesPreset: "none" dashboard: + resourcesPreset: "none" {{- $cozystackBranding:= lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" }} {{- $branding := dig "data" "branding" "" $cozystackBranding }} {{- if $branding }} diff --git a/packages/system/dashboard/templates/vpa.yaml b/packages/system/dashboard/templates/vpa.yaml new file mode 100644 index 00000000..6eff7036 --- /dev/null +++ b/packages/system/dashboard/templates/vpa.yaml @@ -0,0 +1,80 @@ +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: dashboard-internal-dashboard + namespace: cozy-dashboard +spec: + targetRef: + apiVersion: "apps/v1" + kind: Deployment + name: dashboard-internal-dashboard + updatePolicy: + updateMode: "Auto" + resourcePolicy: + containerPolicies: + - containerName: dashboard + controlledResources: ["cpu", "memory"] + minAllowed: + cpu: 50m + memory: 64Mi + maxAllowed: + cpu: 500m + memory: 512Mi +--- +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: dashboard-internal-kubeappsapis + namespace: cozy-dashboard +spec: + targetRef: + apiVersion: "apps/v1" + kind: Deployment + name: dashboard-internal-kubeappsapis + updatePolicy: + updateMode: "Auto" + resourcePolicy: + containerPolicies: + - containerName: kubeappsapis + controlledResources: ["cpu", "memory"] + minAllowed: + cpu: 50m + memory: 100Mi + maxAllowed: + cpu: 1000m + memory: 1Gi +--- +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: dashboard-vpa + namespace: cozy-dashboard +spec: + targetRef: + apiVersion: "apps/v1" + kind: Deployment + name: dashboard + updatePolicy: + updateMode: "Auto" + resourcePolicy: + containerPolicies: + - containerName: nginx + controlledResources: ["cpu", "memory"] + minAllowed: + cpu: "50m" + memory: "64Mi" + maxAllowed: + cpu: "500m" + memory: "512Mi" + {{- $dashboardKCconfig := lookup "v1" "ConfigMap" "cozy-dashboard" "kubeapps-auth-config" }} + {{- $dashboardKCValues := dig "data" "values.yaml" "" $dashboardKCconfig }} + {{- if $dashboardKCValues }} + - containerName: auth-proxy + controlledResources: ["cpu", "memory"] + minAllowed: + cpu: "50m" + memory: "64Mi" + maxAllowed: + cpu: "500m" + memory: "512Mi" + {{- end }} diff --git a/packages/system/dashboard/values.yaml b/packages/system/dashboard/values.yaml index 828a5897..a6b91769 100644 --- a/packages/system/dashboard/values.yaml +++ b/packages/system/dashboard/values.yaml @@ -15,12 +15,14 @@ kubeapps: flux: enabled: true dashboard: + resourcesPreset: "none" image: registry: ghcr.io/cozystack/cozystack repository: dashboard tag: v0.30.2 digest: "sha256:a83fe4654f547469cfa469a02bda1273c54bca103a41eb007fdb2e18a7a91e93" kubeappsapis: + resourcesPreset: "none" image: registry: ghcr.io/cozystack/cozystack repository: kubeapps-apis diff --git a/packages/system/keycloak-configure/templates/configure-kk.yaml b/packages/system/keycloak-configure/templates/configure-kk.yaml index 3e32178d..adee11b6 100644 --- a/packages/system/keycloak-configure/templates/configure-kk.yaml +++ b/packages/system/keycloak-configure/templates/configure-kk.yaml @@ -216,6 +216,7 @@ data: values.yaml: | kubeapps: authProxy: + resourcesPreset: "none" enabled: true provider: "oidc" clientID: "kubeapps" diff --git a/scripts/migrations/10 b/scripts/migrations/10 new file mode 100644 index 00000000..6815d906 --- /dev/null +++ b/scripts/migrations/10 @@ -0,0 +1,12 @@ +#!/bin/sh +# Migration 10 --> 11 + +# Force reconcile hr keycloak-configure +if kubectl get helmrelease keycloak-configure -n cozy-keycloak; then + kubectl delete po -l app=source-controller -n cozy-fluxcd + timestamp=$(date --rfc-3339=ns) + kubectl annotate helmrelease keycloak-configure -n cozy-keycloak \ + reconcile.fluxcd.io/forceAt="$timestamp" \ + reconcile.fluxcd.io/requestedAt="$timestamp" \ + --overwrite +fi From 172e660cd101c75642bb86a40d4f40abb4b4911f Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 11:58:35 +0200 Subject: [PATCH 22/38] [dx] automatically detect version for migrations in installer.sh Signed-off-by: Andrei Kvapil --- scripts/installer.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/installer.sh b/scripts/installer.sh index 47dc965c..2ffeba7b 100755 --- a/scripts/installer.sh +++ b/scripts/installer.sh @@ -3,7 +3,7 @@ set -o pipefail set -e BUNDLE=$(set -x; kubectl get configmap -n cozy-system cozystack -o 'go-template={{index .data "bundle-name"}}') -VERSION=12 +VERSION=$(find scripts/migrations -mindepth 1 -maxdepth 1 -type f | sort -V | awk -F/ 'END {print $NF+1}') run_migrations() { if ! kubectl get configmap -n cozy-system cozystack-version; then From 495e5843137898b6952404726e80306d4e41f3e6 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 12:35:26 +0200 Subject: [PATCH 23/38] [github] Add @klinch0 to CODEOWNERS Signed-off-by: Andrei Kvapil --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index ea19e833..83e427c1 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1 +1 @@ -* @kvaps @lllamnyp +* @kvaps @lllamnyp @klinch0 From f94a01febd783f20d2477aa296add1bd68c526d2 Mon Sep 17 00:00:00 2001 From: Timofei Larkin Date: Tue, 22 Apr 2025 03:31:37 +0300 Subject: [PATCH 24/38] Indicate the IP address pool and storage class When populating the WorkloadMonitor objects, the status field is now populated with a specially formatted string, mimicking the keys of ResourceQuota.spec.hard, e.g. `.storageclass.storage.k8s.io/requests.storage` or `.ipaddresspool.metallb.io/requests.ipaddresses` so the storage class or IP pool in use can be tracked. Part of #788. Signed-off-by: Timofei Larkin --- .../controller/workloadmonitor_controller.go | 22 +++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/internal/controller/workloadmonitor_controller.go b/internal/controller/workloadmonitor_controller.go index 1c23a749..330d1dc5 100644 --- a/internal/controller/workloadmonitor_controller.go +++ b/internal/controller/workloadmonitor_controller.go @@ -116,15 +116,24 @@ func (r *WorkloadMonitorReconciler) reconcileServiceForMonitor( resources := make(map[string]resource.Quantity) - q := resource.MustParse("0") + quantity := resource.MustParse("0") for _, ing := range svc.Status.LoadBalancer.Ingress { if ing.IP != "" { - q.Add(resource.MustParse("1")) + quantity.Add(resource.MustParse("1")) } } - resources["public-ips"] = q + var resourceLabel string + if svc.Annotations != nil { + var ok bool + resourceLabel, ok = svc.Annotations["metallb.universe.tf/ip-allocated-from-pool"] + if !ok { + resourceLabel = "default" + } + } + resourceLabel = fmt.Sprintf("%s.ipaddresspool.metallb.io/requests.ipaddresses", resourceLabel) + resources[resourceLabel] = quantity _, err := ctrl.CreateOrUpdate(ctx, r.Client, workload, func() error { // Update owner references with the new monitor @@ -165,7 +174,12 @@ func (r *WorkloadMonitorReconciler) reconcilePVCForMonitor( resources := make(map[string]resource.Quantity) for resourceName, resourceQuantity := range pvc.Status.Capacity { - resources[resourceName.String()] = resourceQuantity + storageClass := "default" + if pvc.Spec.StorageClassName != nil || *pvc.Spec.StorageClassName == "" { + storageClass = *pvc.Spec.StorageClassName + } + resourceLabel := fmt.Sprintf("%s.storageclass.storage.k8s.io/requests.%s", storageClass, resourceName.String()) + resources[resourceLabel] = resourceQuantity } _, err := ctrl.CreateOrUpdate(ctx, r.Client, workload, func() error { From 2def9f4e836a8165a9eeb39c42a99fab6e8af0d2 Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Tue, 22 Apr 2025 16:33:36 +0300 Subject: [PATCH 25/38] [ci] Fix escaping for gen_versions_map.sh script Signed-off-by: kklinch0 --- hack/gen_versions_map.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/gen_versions_map.sh b/hack/gen_versions_map.sh index 3b65bb4f..c325cff3 100755 --- a/hack/gen_versions_map.sh +++ b/hack/gen_versions_map.sh @@ -30,7 +30,7 @@ resolved_miss_map=$( fi # if commit is not HEAD, check if it's valid - if [ $commit != "HEAD" ]; then + if [ "x$commit" != "xHEAD" ]; then if [ $(git show "${commit}:./${chart}/Chart.yaml" 2>/dev/null | awk '$1 == "version:" {print $2}') != "${version}" ]; then echo "Commit $commit for $chart $version is not valid" >&2 exit 1 From 719fdd29cc4167cf31bf8a3a7445d6b51f1b52a9 Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Tue, 22 Apr 2025 17:38:49 +0300 Subject: [PATCH 26/38] [platform]: fix migrations Signed-off-by: kklinch0 --- packages/core/installer/images/cozystack/Dockerfile | 1 + scripts/migrations/10 | 3 +++ scripts/migrations/11 | 3 +++ 3 files changed, 7 insertions(+) diff --git a/packages/core/installer/images/cozystack/Dockerfile b/packages/core/installer/images/cozystack/Dockerfile index fcb2a73a..a81b43a5 100644 --- a/packages/core/installer/images/cozystack/Dockerfile +++ b/packages/core/installer/images/cozystack/Dockerfile @@ -31,6 +31,7 @@ FROM alpine:3.21 RUN apk add --no-cache make RUN apk add helm kubectl --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community RUN apk add yq +RUN apk add coreutils COPY scripts /cozystack/scripts COPY --from=builder /src/packages/core /cozystack/packages/core diff --git a/scripts/migrations/10 b/scripts/migrations/10 index 6815d906..993e592c 100644 --- a/scripts/migrations/10 +++ b/scripts/migrations/10 @@ -10,3 +10,6 @@ if kubectl get helmrelease keycloak-configure -n cozy-keycloak; then reconcile.fluxcd.io/requestedAt="$timestamp" \ --overwrite fi + +# Write version to cozystack-version config +kubectl create configmap -n cozy-system cozystack-version --from-literal=version=11 --dry-run=client -o yaml | kubectl apply -f- diff --git a/scripts/migrations/11 b/scripts/migrations/11 index 7ef9486a..b16c7b4b 100644 --- a/scripts/migrations/11 +++ b/scripts/migrations/11 @@ -16,3 +16,6 @@ if kubectl get helmrelease monitoring-agents -n cozy-monitoring; then fi kubectl delete pods -l app.kubernetes.io/component=kube-rbac-proxy -n cozy-monitoring + +# Write version to cozystack-version config +kubectl create configmap -n cozy-system cozystack-version --from-literal=version=12 --dry-run=client -o yaml | kubectl apply -f- From 6d8a99269be58ad9e583160ea10ce89181a0ef9e Mon Sep 17 00:00:00 2001 From: Denis Seleznev Date: Sat, 19 Apr 2025 19:33:56 +0200 Subject: [PATCH 27/38] Drop legacy label condition. Signed-off-by: Denis Seleznev --- dashboards/main/capacity-planning.json | 24 ++++---- dashboards/main/controller.json | 74 +++++++++++------------ dashboards/main/namespace.json | 82 +++++++++++++------------- dashboards/main/namespaces.json | 76 ++++++++++++------------ dashboards/main/pod.json | 58 +++++++++--------- 5 files changed, 157 insertions(+), 157 deletions(-) diff --git a/dashboards/main/capacity-planning.json b/dashboards/main/capacity-planning.json index 47abe1a8..b2a3b966 100644 --- a/dashboards/main/capacity-planning.json +++ b/dashboards/main/capacity-planning.json @@ -450,7 +450,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum(sum by (node) (rate(container_cpu_usage_seconds_total{container!=\"POD\",container!=\"\",node=~\"$node\"}[$__rate_interval])))\n / sum(sum by (node) (avg_over_time(kube_node_status_allocatable{resource=\"cpu\",unit=\"core\",node=~\"$node\"}[$__rate_interval])))", + "expr": "sum(sum by (node) (rate(container_cpu_usage_seconds_total{container!=\"\",node=~\"$node\"}[$__rate_interval])))\n / sum(sum by (node) (avg_over_time(kube_node_status_allocatable{resource=\"cpu\",unit=\"core\",node=~\"$node\"}[$__rate_interval])))", "hide": false, "legendFormat": "Total", "range": true, @@ -520,7 +520,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum(sum by (node) (container_memory_working_set_bytes:without_kmem{container!=\"POD\",container!=\"\",node=~\"$node\"})) / sum(sum by (node) (avg_over_time(kube_node_status_allocatable{resource=\"memory\",unit=\"byte\",node=~\"$node\"}[$__rate_interval])))", + "expr": "sum(sum by (node) (container_memory_working_set_bytes:without_kmem{container!=\"\",node=~\"$node\"})) / sum(sum by (node) (avg_over_time(kube_node_status_allocatable{resource=\"memory\",unit=\"byte\",node=~\"$node\"}[$__rate_interval])))", "hide": false, "legendFormat": "Total", "range": true, @@ -590,7 +590,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum(sum by (node) (rate(container_cpu_usage_seconds_total{container!=\"POD\",container!=\"\",node=~\"$node\"}[$__rate_interval]))) / sum(sum by (node) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\"}[$__rate_interval])))", + "expr": "sum(sum by (node) (rate(container_cpu_usage_seconds_total{container!=\"\",node=~\"$node\"}[$__rate_interval]))) / sum(sum by (node) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\"}[$__rate_interval])))", "hide": false, "legendFormat": "Total", "range": true, @@ -660,7 +660,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum(sum by (node) (container_memory_working_set_bytes:without_kmem{container!=\"POD\",container!=\"\",node=~\"$node\"} )) / sum(sum by (node) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",node=~\"$node\"}[$__rate_interval])))", + "expr": "sum(sum by (node) (container_memory_working_set_bytes:without_kmem{container!=\"\",node=~\"$node\"} )) / sum(sum by (node) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",node=~\"$node\"}[$__rate_interval])))", "hide": false, "legendFormat": "__auto", "range": true, @@ -1128,7 +1128,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum by (node) (rate(container_cpu_usage_seconds_total{container!=\"POD\",container!=\"\",node=~\"$node\"}[$__rate_interval]) - on (namespace,pod,container,node) group_left avg by (namespace,pod,container, node)(kube_pod_container_resource_requests{resource=\"cpu\",node=~\"$node\"})) * -1 > 0\n", + "expr": "sum by (node) (rate(container_cpu_usage_seconds_total{container!=\"\",node=~\"$node\"}[$__rate_interval]) - on (namespace,pod,container,node) group_left avg by (namespace,pod,container, node)(kube_pod_container_resource_requests{resource=\"cpu\",node=~\"$node\"})) * -1 > 0\n", "format": "time_series", "hide": false, "intervalFactor": 1, @@ -1143,7 +1143,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum(sum by (node) (rate(container_cpu_usage_seconds_total{container!=\"POD\",container!=\"\",node=~\"$node\"}[$__rate_interval]) - on (namespace,pod,container,node) group_left avg by (namespace,pod,container, node)(kube_pod_container_resource_requests{resource=\"cpu\",node=~\"$node\"})) * -1 > 0)", + "expr": "sum(sum by (node) (rate(container_cpu_usage_seconds_total{container!=\"\",node=~\"$node\"}[$__rate_interval]) - on (namespace,pod,container,node) group_left avg by (namespace,pod,container, node)(kube_pod_container_resource_requests{resource=\"cpu\",node=~\"$node\"})) * -1 > 0)", "hide": false, "legendFormat": "Total", "range": true, @@ -1527,7 +1527,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "(sum by (node) (container_memory_working_set_bytes:without_kmem{container!=\"POD\",container!=\"\",node=~\"$node\"} ) - sum by (node) (kube_pod_container_resource_requests{resource=\"memory\",node=~\"$node\"})) * -1 > 0\n", + "expr": "(sum by (node) (container_memory_working_set_bytes:without_kmem{container!=\"\",node=~\"$node\"} ) - sum by (node) (kube_pod_container_resource_requests{resource=\"memory\",node=~\"$node\"})) * -1 > 0\n", "format": "time_series", "hide": false, "intervalFactor": 1, @@ -1542,7 +1542,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum((sum by (node) (container_memory_working_set_bytes:without_kmem{container!=\"POD\",container!=\"\",node=~\"$node\"} ) - sum by (node) (kube_pod_container_resource_requests{resource=\"memory\",node=~\"$node\"})) * -1 > 0)", + "expr": "sum((sum by (node) (container_memory_working_set_bytes:without_kmem{container!=\"\",node=~\"$node\"} ) - sum by (node) (kube_pod_container_resource_requests{resource=\"memory\",node=~\"$node\"})) * -1 > 0)", "hide": false, "legendFormat": "Total", "range": true, @@ -1909,7 +1909,7 @@ }, "editorMode": "code", "exemplar": false, - "expr": "topk(10, (sum by (namespace,pod,container)((rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\",container!=\"POD\",container!=\"\",node=~\"$node\"}[$__rate_interval])) - on (namespace,pod,container) group_left avg by (namespace,pod,container)(kube_pod_container_resource_requests{resource=\"cpu\",node=~\"$node\"}))) * -1 > 0)\n", + "expr": "topk(10, (sum by (namespace,pod,container)((rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\",container!=\"\",node=~\"$node\"}[$__rate_interval])) - on (namespace,pod,container) group_left avg by (namespace,pod,container)(kube_pod_container_resource_requests{resource=\"cpu\",node=~\"$node\"}))) * -1 > 0)\n", "format": "table", "instant": true, "range": false, @@ -2037,7 +2037,7 @@ }, "editorMode": "code", "exemplar": false, - "expr": "topk(10, (sum by (namespace,container,pod) (container_memory_working_set_bytes:without_kmem{container!=\"POD\",container!=\"\",namespace=~\"$namespace\",node=~\"$node\"}) - on (namespace,pod,container) avg by (namespace,pod,container)(kube_pod_container_resource_requests{resource=\"memory\",namespace=~\"$namespace\",node=~\"$node\"})) * -1 >0)\n", + "expr": "topk(10, (sum by (namespace,container,pod) (container_memory_working_set_bytes:without_kmem{container!=\"\",namespace=~\"$namespace\",node=~\"$node\"}) - on (namespace,pod,container) avg by (namespace,pod,container)(kube_pod_container_resource_requests{resource=\"memory\",namespace=~\"$namespace\",node=~\"$node\"})) * -1 >0)\n", "format": "table", "instant": true, "range": false, @@ -2160,7 +2160,7 @@ }, "editorMode": "code", "exemplar": false, - "expr": "topk(10, (sum by (namespace,pod,container)((rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\",container!=\"POD\",container!=\"\",node=~\"$node\"}[$__rate_interval])) - on (namespace,pod,container) group_left avg by (namespace,pod,container)(kube_pod_container_resource_requests{resource=\"cpu\",node=~\"$node\"}))) > 0)\n", + "expr": "topk(10, (sum by (namespace,pod,container)((rate(container_cpu_usage_seconds_total{namespace=~\"$namespace\",container!=\"\",node=~\"$node\"}[$__rate_interval])) - on (namespace,pod,container) group_left avg by (namespace,pod,container)(kube_pod_container_resource_requests{resource=\"cpu\",node=~\"$node\"}))) > 0)\n", "format": "table", "instant": true, "range": false, @@ -2288,7 +2288,7 @@ }, "editorMode": "code", "exemplar": false, - "expr": "topk(10, (sum by (namespace,container,pod) (container_memory_working_set_bytes:without_kmem{container!=\"POD\",container!=\"\",namespace=~\"$namespace\",node=~\"$node\"}) - on (namespace,pod,container) avg by (namespace,pod,container)(kube_pod_container_resource_requests{resource=\"memory\",namespace=~\"$namespace\",node=~\"$node\"})) >0)\n", + "expr": "topk(10, (sum by (namespace,container,pod) (container_memory_working_set_bytes:without_kmem{container!=\"\",namespace=~\"$namespace\",node=~\"$node\"}) - on (namespace,pod,container) avg by (namespace,pod,container)(kube_pod_container_resource_requests{resource=\"memory\",namespace=~\"$namespace\",node=~\"$node\"})) >0)\n", "format": "table", "instant": true, "range": false, diff --git a/dashboards/main/controller.json b/dashboards/main/controller.json index f6eaea06..9d0e0f47 100644 --- a/dashboards/main/controller.json +++ b/dashboards/main/controller.json @@ -684,7 +684,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "hide": false, "instant": true, @@ -710,7 +710,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (pod)\n(\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])\n * on (controller_type, controller_name) group_left()\n sum by (controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"POD\", namespace=\"$namespace\", resource=\"cpu\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "sum by (pod)\n(\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])\n * on (controller_type, controller_name) group_left()\n sum by (controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"\", namespace=\"$namespace\", resource=\"cpu\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "hide": false, "instant": true, @@ -723,7 +723,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod)\n (\n sum by (namespace, pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n -\n sum by (namespace, pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__range]))\n ) > 0\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod)\n (\n sum by (namespace, pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n -\n sum by (namespace, pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__range]))\n ) > 0\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "hide": false, "instant": true, @@ -736,7 +736,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) \n (\n (\n (\n sum by (namespace, pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n -\n sum by (namespace, pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__range]))\n ) or sum by (namespace, pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__range]))\n ) > 0\n )\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) \n (\n (\n (\n sum by (namespace, pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n -\n sum by (namespace, pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__range]))\n ) or sum by (namespace, pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__range]))\n ) > 0\n )\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "hide": false, "instant": true, @@ -762,7 +762,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "instant": true, "intervalFactor": 1, @@ -786,7 +786,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (pod)\n(\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])\n * on (controller_type, controller_name) group_left()\n sum by (controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"POD\", namespace=\"$namespace\", resource=\"memory\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "sum by (pod)\n(\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])\n * on (controller_type, controller_name) group_left()\n sum by (controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"\", namespace=\"$namespace\", resource=\"memory\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "instant": true, "intervalFactor": 1, @@ -798,7 +798,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod)\n (\n (\n (\n sum by (namespace, pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n -\n sum by (namespace, pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__range]))\n ) > 0\n )\n )\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod)\n (\n (\n (\n sum by (namespace, pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n -\n sum by (namespace, pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__range]))\n ) > 0\n )\n )\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "instant": true, "intervalFactor": 1, @@ -810,7 +810,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod)\n (\n (\n (\n sum by (namespace, pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n -\n sum by (namespace, pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__range]))\n ) or sum by (namespace, pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__range]))\n ) > 0\n )\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod)\n (\n (\n (\n sum by (namespace, pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n -\n sum by (namespace, pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__range]))\n ) or sum by (namespace, pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__range]))\n ) > 0\n )\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "instant": true, "intervalFactor": 1, @@ -848,7 +848,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) (rate(container_fs_reads_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) (rate(container_fs_reads_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "instant": true, "intervalFactor": 1, @@ -860,7 +860,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) (rate(container_fs_writes_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", + "expr": "(\n sum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range])) \n * on (pod)\n sum by (pod) (rate(container_fs_writes_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\", pod=~\"$pod\"}[$__range]))\n)\nor\nsum by (pod) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}[$__range]) * 0)", "format": "table", "instant": true, "intervalFactor": 1, @@ -1315,7 +1315,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum by(pod) (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", + "expr": "sum by(pod) (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", "format": "time_series", "instant": false, "intervalFactor": 1, @@ -1488,7 +1488,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_cpu_system_seconds_total{node=~\"$node\", container!=\"POD\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", + "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_cpu_system_seconds_total{node=~\"$node\", container!=\"\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -1502,7 +1502,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_cpu_user_seconds_total{node=~\"$node\", container!=\"POD\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", + "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_cpu_user_seconds_total{node=~\"$node\", container!=\"\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -1642,7 +1642,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum by (pod)\n (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))\n ) > 0\n )", + "expr": "sum by (pod)\n (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))\n ) > 0\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ pod }}", @@ -1779,7 +1779,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": " (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))\n )\n or\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))\n )\n) > 0", + "expr": " (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))\n )\n or\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\"}[$__rate_interval]))\n )\n) > 0", "format": "time_series", "hide": false, "intervalFactor": 1, @@ -2095,7 +2095,7 @@ "repeatDirection": "h", "targets": [ { - "expr": "sum by(pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Usage", @@ -2109,7 +2109,7 @@ "refId": "D" }, { - "expr": "sum by (pod)\n(\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}\n * on (controller_type, controller_name) group_left()\n sum by (controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"POD\", namespace=\"$namespace\", resource=\"cpu\"}[$__rate_interval]))\n)", + "expr": "sum by (pod)\n(\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}\n * on (controller_type, controller_name) group_left()\n sum by (controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"\", namespace=\"$namespace\", resource=\"cpu\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "VPA Target", @@ -2295,7 +2295,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(pod) (rate(container_cpu_system_seconds_total{node=~\"$node\", container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(pod) (rate(container_cpu_system_seconds_total{node=~\"$node\", container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "System", @@ -2306,7 +2306,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(pod) (rate(container_cpu_user_seconds_total{node=~\"$node\", container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(pod) (rate(container_cpu_user_seconds_total{node=~\"$node\", container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "User", @@ -2468,7 +2468,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum by(pod) (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", + "expr": "sum by(pod) (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ pod }}", @@ -2653,7 +2653,7 @@ "uid": "${ds_prometheus}" }, "editorMode": "code", - "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))\n)", + "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "RSS", @@ -2666,7 +2666,7 @@ "uid": "${ds_prometheus}" }, "editorMode": "code", - "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))\n)", + "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "Cache", @@ -2679,7 +2679,7 @@ "uid": "${ds_prometheus}" }, "editorMode": "code", - "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))\n)", + "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "Swap", @@ -2692,7 +2692,7 @@ "uid": "${ds_prometheus}" }, "editorMode": "code", - "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))\n)", + "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "Working set bytes without kmem", @@ -2705,7 +2705,7 @@ "uid": "${ds_prometheus}" }, "editorMode": "code", - "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))\n)", + "expr": "sum (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}) by(pod)\n * on (pod)\n sum by (pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "Kmem", @@ -2837,7 +2837,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "(\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}\n * on (pod) group_left()\n sum by (pod)\n (\n (\n sum by (namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n ) > 0\n )\n)", + "expr": "(\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}\n * on (pod) group_left()\n sum by (pod)\n (\n (\n sum by (namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n ) > 0\n )\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ pod }}", @@ -2974,7 +2974,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "(\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}\n * on (pod) group_left()\n sum by (pod)\n (\n (\n (\n sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by (namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n ) or sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n ) > 0\n )\n)", + "expr": "(\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}\n * on (pod) group_left()\n sum by (pod)\n (\n (\n (\n sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by (namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n ) or sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n ) > 0\n )\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ pod }}", @@ -3290,56 +3290,56 @@ "repeatDirection": "h", "targets": [ { - "expr": "sum by (pod) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (pod) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "RSS", "refId": "A" }, { - "expr": "sum by (pod) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (pod) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Cache", "refId": "B" }, { - "expr": "sum by (pod) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (pod) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Swap", "refId": "C" }, { - "expr": "sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Working set bytes without kmem", "refId": "D" }, { - "expr": "sum by (pod)\n(\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}\n * on (controller_type, controller_name) group_left()\n sum by (controller_type, controller_name) (avg_over_time(vpa_target_recommendation{namespace=\"$namespace\", container!=\"POD\", resource=\"memory\"}[$__rate_interval]))\n)", + "expr": "sum by (pod)\n(\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\", pod=~\"$pod\"}\n * on (controller_type, controller_name) group_left()\n sum by (controller_type, controller_name) (avg_over_time(vpa_target_recommendation{namespace=\"$namespace\", container!=\"\", resource=\"memory\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "VPA Target", "refId": "E" }, { - "expr": "sum by(pod) (avg_over_time(kube_pod_container_resource_limits{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by(pod) (avg_over_time(kube_pod_container_resource_limits{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Limits", "refId": "F" }, { - "expr": "sum by(pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by(pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Requests", "refId": "G" }, { - "expr": "sum by(pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by(pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", pod=~\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Kmem", @@ -3834,7 +3834,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum by(pod) (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_fs_reads_total{node=~\"$node\", container!=\"POD\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", + "expr": "sum by(pod) (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_fs_reads_total{node=~\"$node\", container!=\"\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ pod }}", @@ -3972,7 +3972,7 @@ "uid": "$ds_prometheus" }, "editorMode": "code", - "expr": "sum by(pod) (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_fs_writes_total{node=~\"$node\", container!=\"POD\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", + "expr": "sum by(pod) (\n max(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}) by(pod)\n * on (pod)\n sum by (pod) (rate(container_fs_writes_total{node=~\"$node\", container!=\"\", pod=~\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))\n)", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ pod }}", diff --git a/dashboards/main/namespace.json b/dashboards/main/namespace.json index 9a53033c..ebf63517 100644 --- a/dashboards/main/namespace.json +++ b/dashboards/main/namespace.json @@ -656,7 +656,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -680,7 +680,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (controller_type, controller_name) group_left()\n sum by(controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"POD\",namespace=\"$namespace\", resource=\"cpu\"}[$__range]))\n ) \nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (controller_type, controller_name) group_left()\n sum by(controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"\",namespace=\"$namespace\", resource=\"cpu\"}[$__range]))\n ) \nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -692,7 +692,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__range]))\n ) > 0\n )\n )\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__range]))\n ) > 0\n )\n )\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -704,7 +704,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__range]))\n ) or sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__range]))\n ) > 0\n )\n )\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__range]))\n ) or sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__range]))\n ) > 0\n )\n )\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -728,7 +728,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -740,7 +740,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (pod) group_left()\n sum by (namespace, pod)\n (\n avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__range])\n )\n )\n or\n count (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (pod) group_left()\n sum by (namespace, pod)\n (\n avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__range])\n )\n )\n or\n count (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -752,7 +752,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (controller_type, controller_name) group_left()\n sum by(controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"POD\",namespace=\"$namespace\", resource=\"memory\"}[$__range]))\n ) \n or \ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (controller_type, controller_name) group_left()\n sum by(controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"\",namespace=\"$namespace\", resource=\"memory\"}[$__range]))\n ) \n or \ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -764,7 +764,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__range]))\n ) > 0\n )\n )\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__range]))\n ) > 0\n )\n )\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -776,7 +776,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__range]))\n ) or sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__range]))\n ) > 0\n )\n )\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller)\n (\n avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__range]))\n ) or sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__range]))\n ) > 0\n )\n )\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -814,7 +814,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (rate(container_fs_reads_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (rate(container_fs_reads_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -826,7 +826,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (rate(container_fs_writes_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (rate(container_fs_writes_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -877,7 +877,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", + "expr": "sum by (controller) (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range]) * on (pod) group_left() sum by (pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}[$__range])) by (controller) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -1475,7 +1475,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval])))", + "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval])))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ controller }}", @@ -1646,7 +1646,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum (sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_system_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))))", + "expr": "sum (sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_system_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))))", "format": "time_series", "intervalFactor": 1, "legendFormat": "System", @@ -1657,7 +1657,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum (sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_user_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))))", + "expr": "sum (sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_user_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))))", "format": "time_series", "intervalFactor": 1, "legendFormat": "User", @@ -1798,7 +1798,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))\n ) > 0\n )\n )", + "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))\n ) > 0\n )\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ controller }}", @@ -1939,7 +1939,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))\n ) or sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))\n ) > 0\n )\n )", + "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))\n ) or sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))\n ) > 0\n )\n )", "format": "time_series", "instant": false, "intervalFactor": 1, @@ -2257,28 +2257,28 @@ "repeatDirection": "h", "targets": [ { - "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval])))", + "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval])))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Usage", "refId": "D" }, { - "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by(pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"POD\",namespace=\"$namespace\"}[$__rate_interval]))\n )", + "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by(pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"\",namespace=\"$namespace\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "Requests", "refId": "C" }, { - "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by(pod) (avg_over_time(kube_pod_container_resource_limits{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"POD\",namespace=\"$namespace\"}[$__rate_interval]))\n )", + "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by(pod) (avg_over_time(kube_pod_container_resource_limits{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"\",namespace=\"$namespace\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "Limits", "refId": "E" }, { - "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (controller_type, controller_name) group_left()\n sum by(controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"POD\",namespace=\"$namespace\", resource=\"cpu\"}[$__rate_interval]))\n )", + "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (controller_type, controller_name) group_left()\n sum by(controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"\",namespace=\"$namespace\", resource=\"cpu\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "VPA Target", @@ -2458,7 +2458,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_system_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval])))", + "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_system_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval])))", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -2470,7 +2470,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_user_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval])))", + "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_cpu_user_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval])))", "format": "time_series", "intervalFactor": 1, "legendFormat": "User", @@ -2622,7 +2622,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ controller }}", @@ -2799,14 +2799,14 @@ "pluginVersion": "8.5.13", "targets": [ { - "expr": "sum\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "RSS", "refId": "A" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -2814,7 +2814,7 @@ "refId": "B" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -2822,14 +2822,14 @@ "refId": "C" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "Working set bytes without kmem", "refId": "D" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "Kmem", @@ -2955,7 +2955,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))\n ) > 0\n )\n )", + "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))\n ) > 0\n )\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ controller }}", @@ -3091,7 +3091,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))\n )\n or\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))\n +\n sum by(namespace, pod, container) (avg_over_time(container_memory:kmem{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))\n )\n ) > 0\n )\n )", + "expr": "sum by (controller)\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"}\n * on (namespace, pod) group_left()\n sum by (namespace, pod)\n (\n (\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))\n )\n or\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))\n +\n sum by(namespace, pod, container) (avg_over_time(container_memory:kmem{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))\n )\n ) > 0\n )\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ controller }}", @@ -3408,14 +3408,14 @@ "repeatDirection": "h", "targets": [ { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left() \n sum by (pod) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left() \n sum by (pod) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "RSS", "refId": "A" }, { - "expr": "sum\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} \n * on (pod) group_left() \n sum by (pod) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} \n * on (pod) group_left() \n sum by (pod) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -3423,7 +3423,7 @@ "refId": "B" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left() \n sum by (pod) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left() \n sum by (pod) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -3431,35 +3431,35 @@ "refId": "C" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "Working set bytes without kmem", "refId": "D" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by(pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"POD\",namespace=\"$namespace\"}[$__rate_interval]))\n ) ", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by(pod) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"\",namespace=\"$namespace\"}[$__rate_interval]))\n ) ", "format": "time_series", "intervalFactor": 1, "legendFormat": "Requests", "refId": "E" }, { - "expr": "sum\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} \n * on (pod) group_left() \n sum by(pod) (avg_over_time(kube_pod_container_resource_limits{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"POD\",namespace=\"$namespace\"}[$__rate_interval]))\n )", + "expr": "sum\n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"} \n * on (pod) group_left() \n sum by(pod) (avg_over_time(kube_pod_container_resource_limits{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"\",namespace=\"$namespace\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "Limits", "refId": "F" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (controller_type, controller_name) group_left()\n sum by(controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"POD\",namespace=\"$namespace\", resource=\"memory\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (controller_type, controller_name) group_left()\n sum by(controller_type, controller_name) (avg_over_time(vpa_target_recommendation{container!=\"\",namespace=\"$namespace\", resource=\"memory\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "VPA Target", "refId": "G" }, { - "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))\n )", + "expr": "sum \n (\n kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller=\"$controller\"}\n * on (pod) group_left()\n sum by (pod) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "Kmem", @@ -3910,7 +3910,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_fs_reads_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval])))", + "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_fs_reads_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval])))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ controller }}", @@ -4049,7 +4049,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_fs_writes_total{node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval])))", + "expr": "sum by (controller) (kube_controller_pod{node=~\"$node\", namespace=\"$namespace\", controller_type=~\"$controller_type\", controller=~\"$controller\"} * on (pod) group_left() sum by (pod) (rate(container_fs_writes_total{node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval])))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ controller }}", diff --git a/dashboards/main/namespaces.json b/dashboards/main/namespaces.json index bfbaf781..e05e8265 100644 --- a/dashboards/main/namespaces.json +++ b/dashboards/main/namespaces.json @@ -869,7 +869,7 @@ "refId": "A" }, { - "expr": "100 * count by (namespace) (\n sum by (namespace, verticalpodautoscaler) ( \n count by (namespace, controller_name, verticalpodautoscaler) (avg_over_time(vpa_target_recommendation{namespace=~\"$namespace\", container!=\"POD\"}[$__range]))\n / on (controller_name, namespace) group_left\n count by (namespace, controller_name) (avg_over_time(kube_controller_pod{namespace=~\"$namespace\"}[$__range]))\n )\n) \n/ count by (namespace) (sum by (namespace, controller) (avg_over_time(kube_controller_pod{namespace=~\"$namespace\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "100 * count by (namespace) (\n sum by (namespace, verticalpodautoscaler) ( \n count by (namespace, controller_name, verticalpodautoscaler) (avg_over_time(vpa_target_recommendation{namespace=~\"$namespace\", container!=\"\"}[$__range]))\n / on (controller_name, namespace) group_left\n count by (namespace, controller_name) (avg_over_time(kube_controller_pod{namespace=~\"$namespace\"}[$__range]))\n )\n) \n/ count by (namespace) (sum by (namespace, controller) (avg_over_time(kube_controller_pod{namespace=~\"$namespace\"}[$__range])))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "hide": false, "instant": true, @@ -878,7 +878,7 @@ "refId": "B" }, { - "expr": "sum by (namespace) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__range]))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "sum by (namespace) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__range]))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "hide": false, "instant": true, @@ -895,7 +895,7 @@ "refId": "D" }, { - "expr": "sum by (namespace)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=~\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__range]))\n ) > 0\n )\nor count (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "sum by (namespace)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=~\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__range]))\n ) > 0\n )\nor count (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -903,7 +903,7 @@ "refId": "E" }, { - "expr": "sum by (namespace)\n (\n (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=~\"$namespace\"}[$__range]))\n ) or sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__range]))\n )\n > 0\n )\nor count (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "sum by (namespace)\n (\n (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=~\"$namespace\"}[$__range]))\n ) or sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__range]))\n )\n > 0\n )\nor count (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -919,7 +919,7 @@ "refId": "G" }, { - "expr": "sum by (namespace) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__range]))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "sum by (namespace) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__range]))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -935,7 +935,7 @@ "refId": "I" }, { - "expr": "sum by (namespace)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=~\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__range]))\n ) > 0\n )\nor\ncount(avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "sum by (namespace)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=~\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__range]))\n ) > 0\n )\nor\ncount(avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -943,7 +943,7 @@ "refId": "J" }, { - "expr": "sum by (namespace)\n (\n (\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=~\"$namespace\"}[$__range]))\n ) or sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__range]))\n )\n > 0\n )\nor count (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "sum by (namespace)\n (\n (\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__range]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=~\"$namespace\"}[$__range]))\n ) or sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__range]))\n )\n > 0\n )\nor count (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "instant": true, "intervalFactor": 1, @@ -968,7 +968,7 @@ "refId": "M" }, { - "expr": "sum by (namespace) (rate(container_fs_reads_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__range]))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "sum by (namespace) (rate(container_fs_reads_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__range]))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "hide": false, "instant": true, @@ -977,7 +977,7 @@ "refId": "N" }, { - "expr": "sum by (namespace) (rate(container_fs_writes_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__range]))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", + "expr": "sum by (namespace) (rate(container_fs_writes_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__range]))\nor\ncount (avg_over_time(kube_controller_pod{node=~\"$node\", namespace=~\"$namespace\"}[$__range])) by (namespace) * 0", "format": "table", "hide": false, "instant": true, @@ -1449,7 +1449,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ namespace }}", @@ -1616,7 +1616,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum (rate(container_cpu_system_seconds_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum (rate(container_cpu_system_seconds_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "System", @@ -1627,7 +1627,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum (rate(container_cpu_user_seconds_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum (rate(container_cpu_user_seconds_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "User", @@ -1764,7 +1764,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=~\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__rate_interval]))\n ) > 0\n )", + "expr": "sum by (namespace)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=~\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__rate_interval]))\n ) > 0\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ namespace }}", @@ -1901,7 +1901,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace)\n (\n (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=~\"$namespace\"}[$__rate_interval]))\n ) or sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__rate_interval]))\n )\n > 0\n )", + "expr": "sum by (namespace)\n (\n (\n (\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", namespace=~\"$namespace\"}[$__rate_interval]))\n ) or sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__rate_interval]))\n )\n > 0\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ namespace }}", @@ -2210,7 +2210,7 @@ "repeatDirection": "h", "targets": [ { - "expr": "sum by (namespace) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (rate(container_cpu_usage_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -2218,21 +2218,21 @@ "refId": "A" }, { - "expr": "sum by (namespace) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval])* on (uid) group_left(phase) kube_pod_status_phase{phase=\"Running\"})", + "expr": "sum by (namespace) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval])* on (uid) group_left(phase) kube_pod_status_phase{phase=\"Running\"})", "format": "time_series", "intervalFactor": 1, "legendFormat": "Requests", "refId": "B" }, { - "expr": "sum by (namespace) (avg_over_time(kube_pod_container_resource_limits{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval])* on (uid) group_left(phase) kube_pod_status_phase{phase=\"Running\"})", + "expr": "sum by (namespace) (avg_over_time(kube_pod_container_resource_limits{resource=\"cpu\",unit=\"core\",node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval])* on (uid) group_left(phase) kube_pod_status_phase{phase=\"Running\"})", "format": "time_series", "intervalFactor": 1, "legendFormat": "Limits", "refId": "C" }, { - "expr": "sum by (namespace) (avg_over_time(vpa_target_recommendation{container!=\"POD\", namespace=\"$namespace\", resource=\"cpu\"}[$__rate_interval]))", + "expr": "sum by (namespace) (avg_over_time(vpa_target_recommendation{container!=\"\", namespace=\"$namespace\", resource=\"cpu\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "VPA Target", @@ -2407,7 +2407,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace) (rate(container_cpu_system_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (rate(container_cpu_system_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -2419,7 +2419,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace) (rate(container_cpu_user_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (rate(container_cpu_user_seconds_total{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "User", @@ -2572,7 +2572,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ namespace }}", @@ -2754,14 +2754,14 @@ "pluginVersion": "8.5.13", "targets": [ { - "expr": "sum (avg_over_time(container_memory_rss{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum (avg_over_time(container_memory_rss{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "RSS", "refId": "A" }, { - "expr": "sum (avg_over_time(container_memory_cache{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum (avg_over_time(container_memory_cache{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -2769,7 +2769,7 @@ "refId": "B" }, { - "expr": "sum (avg_over_time(container_memory_swap{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum (avg_over_time(container_memory_swap{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -2777,14 +2777,14 @@ "refId": "C" }, { - "expr": "sum (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Working set bytes without kmem", "refId": "D" }, { - "expr": "sum (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Kmem", @@ -2910,7 +2910,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=~\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__rate_interval]))\n ) > 0\n )", + "expr": "sum by (namespace)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=~\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__rate_interval]))\n ) > 0\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ namespace }}", @@ -3046,7 +3046,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace)\n (\n (\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=~\"$namespace\"}[$__rate_interval]))\n ) or sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"POD\", namespace=~\"$namespace\"}[$__rate_interval]))\n )\n > 0\n )", + "expr": "sum by (namespace)\n (\n (\n (\n sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", namespace=~\"$namespace\"}[$__rate_interval]))\n ) or sum by(namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", container!=\"\", namespace=~\"$namespace\"}[$__rate_interval]))\n )\n > 0\n )", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ namespace }}", @@ -3370,14 +3370,14 @@ "repeatDirection": "h", "targets": [ { - "expr": "sum by (namespace) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (avg_over_time(container_memory_rss{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "RSS", "refId": "A" }, { - "expr": "sum by (namespace) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (avg_over_time(container_memory_cache{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -3385,7 +3385,7 @@ "refId": "B" }, { - "expr": "sum by (namespace) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (avg_over_time(container_memory_swap{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -3393,35 +3393,35 @@ "refId": "C" }, { - "expr": "sum by (namespace) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (avg_over_time(container_memory_working_set_bytes:without_kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Working set bytes without kmem", "refId": "D" }, { - "expr": "sum by(namespace) (avg_over_time(vpa_target_recommendation{container!=\"POD\",namespace=\"$namespace\", resource=\"memory\"}[$__rate_interval]))", + "expr": "sum by(namespace) (avg_over_time(vpa_target_recommendation{container!=\"\",namespace=\"$namespace\", resource=\"memory\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "VPA Target", "refId": "E" }, { - "expr": "sum by(namespace) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(namespace) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Requests", "refId": "F" }, { - "expr": "sum by(namespace) (avg_over_time(kube_pod_container_resource_limits{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"POD\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(namespace) (avg_over_time(kube_pod_container_resource_limits{resource=\"memory\",unit=\"byte\",node=~\"$node\", container!=\"\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Limits", "refId": "G" }, { - "expr": "sum by (namespace) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (avg_over_time(container_memory:kmem{node=~\"$node\", namespace=\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Kmem", @@ -3873,7 +3873,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace) (rate(container_fs_reads_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (rate(container_fs_reads_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ namespace }}", @@ -4008,7 +4008,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace) (rate(container_fs_writes_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by (namespace) (rate(container_fs_writes_total{node=~\"$node\", namespace=~\"$namespace\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ namespace }}", diff --git a/dashboards/main/pod.json b/dashboards/main/pod.json index fdca7f65..f3201f34 100644 --- a/dashboards/main/pod.json +++ b/dashboards/main/pod.json @@ -686,7 +686,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (container) (rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=~\"$container\"}[$__range]))\nor\nsum by (container) (avg_over_time(kube_pod_container_info{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__range]) * 0)", + "expr": "sum by (container) (rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=~\"$container\"}[$__range]))\nor\nsum by (container) (avg_over_time(kube_pod_container_info{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__range]) * 0)", "format": "table", "hide": false, "instant": true, @@ -759,7 +759,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=~\"$container\"}[$__range]))\nor\nsum by (container) (avg_over_time(kube_pod_container_info{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__range]) * 0)", + "expr": "sum by (container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=~\"$container\"}[$__range]))\nor\nsum by (container) (avg_over_time(kube_pod_container_info{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__range]) * 0)", "format": "table", "instant": true, "intervalFactor": 1, @@ -847,7 +847,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by(container) (rate(container_fs_reads_total{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__range]))", + "expr": "sum by(container) (rate(container_fs_reads_total{namespace=\"$namespace\", pod=\"$pod\", container!=\"\"}[$__range]))", "format": "table", "hide": false, "instant": true, @@ -860,7 +860,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by(container) (rate(container_fs_writes_total{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__range]))", + "expr": "sum by(container) (rate(container_fs_writes_total{namespace=\"$namespace\", pod=\"$pod\", container!=\"\"}[$__range]))", "format": "table", "hide": false, "instant": true, @@ -899,7 +899,7 @@ "type": "prometheus", "uid": "${ds_prometheus}" }, - "expr": "sum by (container) (avg_over_time(container_memory:kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=~\"$container\"}[$__range]))\nor\nsum by (container) (avg_over_time(kube_pod_container_info{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__range]) * 0)", + "expr": "sum by (container) (avg_over_time(container_memory:kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=~\"$container\"}[$__range]))\nor\nsum by (container) (avg_over_time(kube_pod_container_info{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__range]) * 0)", "format": "table", "instant": true, "intervalFactor": 1, @@ -1503,7 +1503,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(container) (rate(container_cpu_usage_seconds_total{container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(container) (rate(container_cpu_usage_seconds_total{container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "instant": false, "intervalFactor": 1, @@ -1669,7 +1669,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(pod) (rate(container_cpu_system_seconds_total{container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(pod) (rate(container_cpu_system_seconds_total{container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "instant": false, "intervalFactor": 1, @@ -1681,7 +1681,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(pod) (rate(container_cpu_user_seconds_total{container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(pod) (rate(container_cpu_user_seconds_total{container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "User", @@ -1820,7 +1820,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (namespace, pod, container)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{container!=\"POD\", namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__rate_interval]))\n ) > 0\n )", + "expr": "sum by (namespace, pod, container)\n (\n (\n sum by(namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"cpu\",unit=\"core\",namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__rate_interval]))\n -\n sum by(namespace, pod, container) (rate(container_cpu_usage_seconds_total{container!=\"\", namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__rate_interval]))\n ) > 0\n )", "format": "time_series", "hide": false, "intervalFactor": 1, @@ -2269,7 +2269,7 @@ "repeatDirection": "h", "targets": [ { - "expr": "sum by(container) (rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (rate(container_cpu_usage_seconds_total{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Usage", @@ -2476,7 +2476,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(container) (rate(container_cpu_system_seconds_total{container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (rate(container_cpu_system_seconds_total{container!=\"\", pod=\"$pod\", namespace=\"$namespace\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "instant": false, "intervalFactor": 1, @@ -2488,7 +2488,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(container) (rate(container_cpu_user_seconds_total{container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (rate(container_cpu_user_seconds_total{container!=\"\", pod=\"$pod\", namespace=\"$namespace\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "User", @@ -2639,7 +2639,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(container) (avg_over_time(container_memory_working_set_bytes:without_kmem{container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(container) (avg_over_time(container_memory_working_set_bytes:without_kmem{container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "instant": false, "intervalFactor": 1, @@ -2816,7 +2816,7 @@ "pluginVersion": "8.5.13", "targets": [ { - "expr": "sum by(pod) (avg_over_time(container_memory_rss{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by(pod) (avg_over_time(container_memory_rss{namespace=\"$namespace\", pod=\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "instant": false, "intervalFactor": 1, @@ -2824,28 +2824,28 @@ "refId": "A" }, { - "expr": "sum by(pod) (avg_over_time(container_memory_cache{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by(pod) (avg_over_time(container_memory_cache{namespace=\"$namespace\", pod=\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Cache", "refId": "B" }, { - "expr": "sum by(pod) (avg_over_time(container_memory_swap{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by(pod) (avg_over_time(container_memory_swap{namespace=\"$namespace\", pod=\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Swap", "refId": "C" }, { - "expr": "sum by(pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by(pod) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Working set bytes without kmem", "refId": "D" }, { - "expr": "sum by(pod) (avg_over_time(container_memory:kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\"}[$__rate_interval]))", + "expr": "sum by(pod) (avg_over_time(container_memory:kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Kmem", @@ -2974,7 +2974,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (container)\n (\n (\n sum by (namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__rate_interval]))\n -\n sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\", container!=\"POD\"}[$__rate_interval]))\n ) > 0\n )", + "expr": "sum by (container)\n (\n (\n sum by (namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__rate_interval]))\n -\n sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\", container!=\"\"}[$__rate_interval]))\n ) > 0\n )", "format": "time_series", "hide": false, "intervalFactor": 1, @@ -3110,7 +3110,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by (container)\n (\n (\n (\n sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__rate_interval]))\n -\n sum by (namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\", container!=\"POD\"}[$__rate_interval]))\n ) or sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\", container!=\"POD\"}[$__rate_interval]))\n ) > 0\n )", + "expr": "sum by (container)\n (\n (\n (\n sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\"}[$__rate_interval]))\n -\n sum by (namespace, pod, container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\", container!=\"\"}[$__rate_interval]))\n ) or sum by (namespace, pod, container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container=~\"$container\", container!=\"\"}[$__rate_interval]))\n ) > 0\n )", "format": "time_series", "hide": false, "intervalFactor": 1, @@ -3431,7 +3431,7 @@ "repeatDirection": "h", "targets": [ { - "expr": "sum by(container) (avg_over_time(container_memory_rss{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (avg_over_time(container_memory_rss{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "instant": false, "intervalFactor": 1, @@ -3439,7 +3439,7 @@ "refId": "A" }, { - "expr": "sum by(container) (avg_over_time(container_memory_cache{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (avg_over_time(container_memory_cache{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "interval": "", "intervalFactor": 1, @@ -3447,28 +3447,28 @@ "refId": "B" }, { - "expr": "sum by(container) (avg_over_time(container_memory_swap{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (avg_over_time(container_memory_swap{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Swap", "refId": "C" }, { - "expr": "sum by(container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (avg_over_time(container_memory_working_set_bytes:without_kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Working set bytes without kmem", "refId": "D" }, { - "expr": "sum by(container) (avg_over_time(kube_pod_container_resource_limits{resource=\"memory\",unit=\"byte\",namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (avg_over_time(kube_pod_container_resource_limits{resource=\"memory\",unit=\"byte\",namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Limits", "refId": "E" }, { - "expr": "sum by(container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (avg_over_time(kube_pod_container_resource_requests{resource=\"memory\",unit=\"byte\",namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Requests", @@ -3482,7 +3482,7 @@ "refId": "G" }, { - "expr": "sum by(container) (avg_over_time(container_memory:kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"POD\", container=\"$container\"}[$__rate_interval]))", + "expr": "sum by(container) (avg_over_time(container_memory:kmem{namespace=\"$namespace\", pod=\"$pod\", container!=\"\", container=\"$container\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "Kmem", @@ -3930,7 +3930,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(container) (rate(container_fs_reads_total{container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(container) (rate(container_fs_reads_total{container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ container }}", @@ -4068,7 +4068,7 @@ "type": "prometheus", "uid": "$ds_prometheus" }, - "expr": "sum by(container) (rate(container_fs_writes_total{container!=\"POD\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", + "expr": "sum by(container) (rate(container_fs_writes_total{container!=\"\", pod=\"$pod\", namespace=\"$namespace\"}[$__rate_interval]))", "format": "time_series", "intervalFactor": 1, "legendFormat": "{{ container }}", From d8f3547db709dbc2979ac9b678c60c544b733a6d Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 17:51:48 +0200 Subject: [PATCH 28/38] [ci] Fix escaping for gen_versions_map.sh script Signed-off-by: Andrei Kvapil --- hack/gen_versions_map.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/hack/gen_versions_map.sh b/hack/gen_versions_map.sh index c325cff3..27664229 100755 --- a/hack/gen_versions_map.sh +++ b/hack/gen_versions_map.sh @@ -24,14 +24,14 @@ search_commits=$(git ls-remote --tags origin | awk -F/ '$3 ~ /v[0-9]+.[0-9]+.[0- resolved_miss_map=$( echo "$miss_map" | while read -r chart version commit; do # if version is found in HEAD, it's HEAD - if [ $(awk '$1 == "version:" {print $2}' ./${chart}/Chart.yaml) = "${version}" ]; then + if [ "$(awk '$1 == "version:" {print $2}' ./${chart}/Chart.yaml)" = "${version}" ]; then echo "$chart $version HEAD" continue fi # if commit is not HEAD, check if it's valid - if [ "x$commit" != "xHEAD" ]; then - if [ $(git show "${commit}:./${chart}/Chart.yaml" 2>/dev/null | awk '$1 == "version:" {print $2}') != "${version}" ]; then + if [ "$commit" != "HEAD" ]; then + if [ "$(git show "${commit}:./${chart}/Chart.yaml" 2>/dev/null | awk '$1 == "version:" {print $2}')" != "${version}" ]; then echo "Commit $commit for $chart $version is not valid" >&2 exit 1 fi @@ -44,7 +44,7 @@ resolved_miss_map=$( # if commit is HEAD, but version is not found in HEAD, check all tags found_tag="" for tag in $search_commits; do - if [ $(git show "${tag}:./${chart}/Chart.yaml" 2>/dev/null | awk '$1 == "version:" {print $2}') = "${version}" ]; then + if [ "$(git show "${tag}:./${chart}/Chart.yaml" 2>/dev/null | awk '$1 == "version:" {print $2}')" = "${version}" ]; then found_tag=$(git rev-parse --short "${tag}") break fi From 39ede77fec4504cb633907b8e7caf32b3f5f6cd3 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 17:56:55 +0200 Subject: [PATCH 29/38] [ci] Fix checkout and improve error output for gen_versions_map.sh Signed-off-by: Andrei Kvapil --- .github/workflows/pre-commit.yml | 3 +++ hack/gen_versions_map.sh | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index 873bd9fc..a33c78e2 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -13,6 +13,9 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v3 + with: + fetch-depth: 0 + fetch-tags: true - name: Set up Python uses: actions/setup-python@v4 diff --git a/hack/gen_versions_map.sh b/hack/gen_versions_map.sh index 27664229..5169bc2f 100755 --- a/hack/gen_versions_map.sh +++ b/hack/gen_versions_map.sh @@ -31,7 +31,7 @@ resolved_miss_map=$( # if commit is not HEAD, check if it's valid if [ "$commit" != "HEAD" ]; then - if [ "$(git show "${commit}:./${chart}/Chart.yaml" 2>/dev/null | awk '$1 == "version:" {print $2}')" != "${version}" ]; then + if [ "$(git show "${commit}:./${chart}/Chart.yaml" | awk '$1 == "version:" {print $2}')" != "${version}" ]; then echo "Commit $commit for $chart $version is not valid" >&2 exit 1 fi @@ -44,7 +44,7 @@ resolved_miss_map=$( # if commit is HEAD, but version is not found in HEAD, check all tags found_tag="" for tag in $search_commits; do - if [ "$(git show "${tag}:./${chart}/Chart.yaml" 2>/dev/null | awk '$1 == "version:" {print $2}')" = "${version}" ]; then + if [ "$(git show "${tag}:./${chart}/Chart.yaml" | awk '$1 == "version:" {print $2}')" = "${version}" ]; then found_tag=$(git rev-parse --short "${tag}") break fi From 0ddaff93809f69bc708a7c2897322f55c00122b4 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Mon, 14 Apr 2025 11:31:07 +0200 Subject: [PATCH 30/38] [kubevirt] Enable VMExport feature Signed-off-by: Andrei Kvapil --- packages/extra/ingress/Chart.yaml | 2 +- packages/extra/ingress/README.md | 17 +++++---- packages/extra/ingress/values.schema.json | 5 +++ packages/extra/ingress/values.yaml | 3 ++ packages/extra/ingress/vm-exportproxy.yaml | 37 +++++++++++++++++++ packages/extra/versions_map | 3 +- .../kubevirt/templates/kubevirt-cr.yaml | 1 + 7 files changed, 58 insertions(+), 10 deletions(-) create mode 100644 packages/extra/ingress/vm-exportproxy.yaml diff --git a/packages/extra/ingress/Chart.yaml b/packages/extra/ingress/Chart.yaml index d9524db2..25d86de0 100644 --- a/packages/extra/ingress/Chart.yaml +++ b/packages/extra/ingress/Chart.yaml @@ -3,4 +3,4 @@ name: ingress description: NGINX Ingress Controller icon: /logos/ingress-nginx.svg type: application -version: 1.4.0 +version: 1.5.0 diff --git a/packages/extra/ingress/README.md b/packages/extra/ingress/README.md index 73aec882..af395dfe 100644 --- a/packages/extra/ingress/README.md +++ b/packages/extra/ingress/README.md @@ -4,12 +4,13 @@ ### Common parameters -| Name | Description | Value | -| ---------------- | ----------------------------------------------------------------- | ------- | -| `replicas` | Number of ingress-nginx replicas | `2` | -| `externalIPs` | List of externalIPs for service. | `[]` | -| `whitelist` | List of client networks | `[]` | -| `clouflareProxy` | Restoring original visitor IPs when Cloudflare proxied is enabled | `false` | -| `dashboard` | Should ingress serve Cozystack service dashboard | `false` | -| `cdiUploadProxy` | Should ingress serve CDI upload proxy | `false` | +| Name | Description | Value | +| ----------------- | ----------------------------------------------------------------- | ------- | +| `replicas` | Number of ingress-nginx replicas | `2` | +| `externalIPs` | List of externalIPs for service. | `[]` | +| `whitelist` | List of client networks | `[]` | +| `clouflareProxy` | Restoring original visitor IPs when Cloudflare proxied is enabled | `false` | +| `dashboard` | Should ingress serve Cozystack service dashboard | `false` | +| `cdiUploadProxy` | Should ingress serve CDI upload proxy | `false` | +| `virtExportProxy` | Should ingress serve KubeVirt export proxy | `false` | diff --git a/packages/extra/ingress/values.schema.json b/packages/extra/ingress/values.schema.json index 7fcefe68..8005ac24 100644 --- a/packages/extra/ingress/values.schema.json +++ b/packages/extra/ingress/values.schema.json @@ -35,6 +35,11 @@ "type": "boolean", "description": "Should ingress serve CDI upload proxy", "default": false + }, + "virtExportProxy": { + "type": "boolean", + "description": "Should ingress serve KubeVirt export proxy", + "default": false } } } \ No newline at end of file diff --git a/packages/extra/ingress/values.yaml b/packages/extra/ingress/values.yaml index 947808ae..41571db9 100644 --- a/packages/extra/ingress/values.yaml +++ b/packages/extra/ingress/values.yaml @@ -30,3 +30,6 @@ dashboard: false ## @param cdiUploadProxy Should ingress serve CDI upload proxy cdiUploadProxy: false + +## @param virtExportProxy Should ingress serve KubeVirt export proxy +virtExportProxy: false diff --git a/packages/extra/ingress/vm-exportproxy.yaml b/packages/extra/ingress/vm-exportproxy.yaml new file mode 100644 index 00000000..0984bf6c --- /dev/null +++ b/packages/extra/ingress/vm-exportproxy.yaml @@ -0,0 +1,37 @@ +{{- $cozyConfig := lookup "v1" "ConfigMap" "cozy-system" "cozystack" }} +{{- $issuerType := (index $cozyConfig.data "clusterissuer") | default "http01" }} + +{{- $myNS := lookup "v1" "Namespace" "" .Release.Namespace }} +{{- $host := index $myNS.metadata.annotations "namespace.cozystack.io/host" }} + +{{- if .Values.virtExportProxy }} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/backend-protocol: HTTPS + cert-manager.io/cluster-issuer: letsencrypt-prod + {{- if eq $issuerType "cloudflare" }} + {{- else }} + acme.cert-manager.io/http01-ingress-class: {{ .Release.Namespace }} + {{- end }} + name: virt-exportproxy-{{ .Release.Namespace }} + namespace: cozy-kubevirt +spec: + ingressClassName: {{ .Release.Namespace }} + rules: + - host: virt-exportproxy.{{ $host }} + http: + paths: + - backend: + service: + name: virt-exportproxy + port: + number: 443 + path: / + pathType: ImplementationSpecific + tls: + - hosts: + virt-exportproxy.{{ $host }} + secretName: virt-exportproxy-{{ .Release.Namespace }}-tls +{{- end }} diff --git a/packages/extra/versions_map b/packages/extra/versions_map index d4ee1e2c..289b0cfe 100644 --- a/packages/extra/versions_map +++ b/packages/extra/versions_map @@ -16,7 +16,8 @@ ingress 1.0.0 d7cfa53c ingress 1.1.0 5bbc488e ingress 1.2.0 28fca4ef ingress 1.3.0 fde4bcfa -ingress 1.4.0 HEAD +ingress 1.4.0 fd240701 +ingress 1.5.0 HEAD monitoring 1.0.0 d7cfa53c monitoring 1.1.0 25221fdc monitoring 1.2.0 f81be075 diff --git a/packages/system/kubevirt/templates/kubevirt-cr.yaml b/packages/system/kubevirt/templates/kubevirt-cr.yaml index 54f2cf9c..87889e42 100644 --- a/packages/system/kubevirt/templates/kubevirt-cr.yaml +++ b/packages/system/kubevirt/templates/kubevirt-cr.yaml @@ -17,6 +17,7 @@ spec: - AutoResourceLimitsGate - CPUManager - GPU + - VMExport evictionStrategy: LiveMigrate customizeComponents: {} imagePullPolicy: IfNotPresent From 63ebab5c2af399bdaa6404401b2d5f2156b7f0f2 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 16:54:41 +0200 Subject: [PATCH 31/38] [ci] Enable release-candidates and backport functionality Signed-off-by: Andrei Kvapil --- .github/workflows/backport.yaml | 49 ++++ .github/workflows/pull-requests-release.yaml | 100 +++++--- .github/workflows/pull-requests.yaml | 25 +- .github/workflows/tags.yaml | 248 ++++++++++++------- 4 files changed, 289 insertions(+), 133 deletions(-) create mode 100644 .github/workflows/backport.yaml diff --git a/.github/workflows/backport.yaml b/.github/workflows/backport.yaml new file mode 100644 index 00000000..67445b77 --- /dev/null +++ b/.github/workflows/backport.yaml @@ -0,0 +1,49 @@ +name: Automatic Backport + +on: + pull_request_target: + types: [closed] # fires when PR is closed (merged) + +permissions: + contents: write + pull-requests: write + +jobs: + backport: + if: | + github.event.pull_request.merged == true && + contains(github.event.pull_request.labels.*.name, 'backport') + runs-on: [self-hosted] + + steps: + # 1. Decide which maintenance branch should receive the back‑port + - name: Determine target maintenance branch + id: target + uses: actions/github-script@v7 + with: + script: | + let rel; + try { + rel = await github.rest.repos.getLatestRelease({ + owner: context.repo.owner, + repo: context.repo.repo + }); + } catch (e) { + core.setFailed('No existing releases found; cannot determine backport target.'); + return; + } + const [maj, min] = rel.data.tag_name.replace(/^v/, '').split('.'); + const branch = `release-${maj}.${min}`; + core.setOutput('branch', branch); + console.log(`Latest release ${rel.data.tag_name}; backporting to ${branch}`); + # 2. Checkout (required by backport‑action) + - name: Checkout repository + uses: actions/checkout@v4 + + # 3. Create the back‑port pull request + - name: Create back‑port PR + uses: korthout/backport-action@v3 + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + label_pattern: '' # don't read labels for targets + target_branches: ${{ steps.target.outputs.branch }} diff --git a/.github/workflows/pull-requests-release.yaml b/.github/workflows/pull-requests-release.yaml index 790c9188..815ccb59 100644 --- a/.github/workflows/pull-requests-release.yaml +++ b/.github/workflows/pull-requests-release.yaml @@ -39,38 +39,82 @@ jobs: runs-on: [self-hosted] permissions: contents: write - + if: | github.event.pull_request.merged == true && contains(github.event.pull_request.labels.*.name, 'release') - + steps: + # Extract tag from branch name (branch = release-X.Y.Z*) - name: Extract tag from branch name id: get_tag uses: actions/github-script@v7 with: script: | const branch = context.payload.pull_request.head.ref; - const match = branch.match(/^release-(\d+\.\d+\.\d+(?:[-\w\.]+)?)$/); - - if (!match) { - core.setFailed(`Branch '${branch}' does not match expected format 'release-X.Y.Z[-suffix]'`); - } else { - const tag = `v${match[1]}`; - core.setOutput('tag', tag); - console.log(`✅ Extracted tag: ${tag}`); + const m = branch.match(/^release-(\d+\.\d+\.\d+(?:[-\w\.]+)?)$/); + if (!m) { + core.setFailed(`Branch '${branch}' does not match 'release-X.Y.Z[-suffix]'`); + return; } - + const tag = `v${m[1]}`; + core.setOutput('tag', tag); + console.log(`✅ Tag to publish: ${tag}`); + + # Checkout repo & create / push annotated tag - name: Checkout repo uses: actions/checkout@v4 with: fetch-depth: 0 - - - name: Create tag on merged commit + + - name: Create tag on merge commit run: | - git tag ${{ steps.get_tag.outputs.tag }} ${{ github.sha }} --force - git push origin ${{ steps.get_tag.outputs.tag }} --force - + git tag -f ${{ steps.get_tag.outputs.tag }} ${{ github.sha }} + git push -f origin ${{ steps.get_tag.outputs.tag }} + + # Get the latest published release + - name: Get the latest published release + id: latest_release + uses: actions/github-script@v7 + with: + script: | + try { + const rel = await github.rest.repos.getLatestRelease({ + owner: context.repo.owner, + repo: context.repo.repo + }); + core.setOutput('tag', rel.data.tag_name); + } catch (_) { + core.setOutput('tag', ''); + } + + # Compare current tag vs latest using semver-utils + - name: Semver compare + id: semver + uses: madhead/semver-utils@v4.3.0 + with: + version: ${{ steps.get_tag.outputs.tag }} + compare-to: ${{ steps.latest_release.outputs.tag }} + + # Derive flags: prerelease? make_latest? + - name: Calculate publish flags + id: flags + uses: actions/github-script@v7 + with: + script: | + const tag = '${{ steps.get_tag.outputs.tag }}'; // v0.31.5-rc1 + const m = tag.match(/^v(\d+\.\d+\.\d+)(-rc\d+)?$/); + if (!m) { + core.setFailed(`❌ tag '${tag}' must match 'vX.Y.Z' or 'vX.Y.Z-rcN'`); + return; + } + const version = m[1] + (m[2] ?? ''); // 0.31.5‑rc1 + const isRc = Boolean(m[2]); + core.setOutput('is_rc', isRc); + const outdated = '${{ steps.semver.outputs.comparison-result }}' === '<'; + core.setOutput('make_latest', isRc || outdated ? 'false' : 'legacy'); + + # Publish draft release with correct flags - name: Publish draft release uses: actions/github-script@v7 with: @@ -78,19 +122,17 @@ jobs: const tag = '${{ steps.get_tag.outputs.tag }}'; const releases = await github.rest.repos.listReleases({ owner: context.repo.owner, - repo: context.repo.repo + repo: context.repo.repo }); - - const release = releases.data.find(r => r.tag_name === tag && r.draft); - if (!release) { - throw new Error(`Draft release with tag ${tag} not found`); - } - + const draft = releases.data.find(r => r.tag_name === tag && r.draft); + if (!draft) throw new Error(`Draft release for ${tag} not found`); await github.rest.repos.updateRelease({ - owner: context.repo.owner, - repo: context.repo.repo, - release_id: release.id, - draft: false + owner: context.repo.owner, + repo: context.repo.repo, + release_id: draft.id, + draft: false, + prerelease: ${{ steps.flags.outputs.is_rc }}, + make_latest: '${{ steps.flags.outputs.make_latest }}' }); - - console.log(`✅ Published release for ${tag}`); + + console.log(`🚀 Published release for ${tag}`); diff --git a/.github/workflows/pull-requests.yaml b/.github/workflows/pull-requests.yaml index 47d19f4a..92226c2a 100644 --- a/.github/workflows/pull-requests.yaml +++ b/.github/workflows/pull-requests.yaml @@ -12,9 +12,20 @@ jobs: contents: read packages: write + # ───────────────────────────────────────────────────────────── + # Run automatically for internal PRs (same repo). + # For external PRs (forks) require the "ok‑to‑test" label. + # Never run when the PR carries the "release" label. + # ───────────────────────────────────────────────────────────── if: | - contains(github.event.pull_request.labels.*.name, 'ok-to-test') && - !contains(github.event.pull_request.labels.*.name, 'release') + !contains(github.event.pull_request.labels.*.name, 'release') && + ( + github.event.pull_request.head.repo.full_name == github.repository || + ( + github.event.pull_request.head.repo.full_name != github.repository && + contains(github.event.pull_request.labels.*.name, 'ok-to-test') + ) + ) steps: - name: Checkout code @@ -30,10 +41,8 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} registry: ghcr.io - - name: make build - run: | - make build + - name: Build + run: make build - - name: make test - run: | - make test + - name: Test + run: make test diff --git a/.github/workflows/tags.yaml b/.github/workflows/tags.yaml index 85319b2f..f50c9b0a 100644 --- a/.github/workflows/tags.yaml +++ b/.github/workflows/tags.yaml @@ -1,10 +1,9 @@ name: Versioned Tag on: - # Trigger on push if it includes a tag like vX.Y.Z push: tags: - - 'v*.*.*' + - 'v*.*.*' # vX.Y.Z or vX.Y.Z-rcN jobs: prepare-release: @@ -16,7 +15,7 @@ jobs: pull-requests: write steps: - # 1) Check if a non-draft release with this tag already exists + # Check if a non-draft release with this tag already exists - name: Check if release already exists id: check_release uses: actions/github-script@v7 @@ -25,57 +24,67 @@ jobs: const tag = context.ref.replace('refs/tags/', ''); const releases = await github.rest.repos.listReleases({ owner: context.repo.owner, - repo: context.repo.repo + repo: context.repo.repo }); - const existing = releases.data.find(r => r.tag_name === tag && !r.draft); - if (existing) { - core.setOutput('skip', 'true'); - } else { - core.setOutput('skip', 'false'); - } + const exists = releases.data.some(r => r.tag_name === tag && !r.draft); + core.setOutput('skip', exists); + console.log(exists ? `Release ${tag} already published` : `No published release ${tag}`); # If a published release already exists, skip the rest of the workflow - name: Skip if release already exists if: steps.check_release.outputs.skip == 'true' run: echo "Release already exists, skipping workflow." - # 2) Determine the base branch from which the tag was pushed + # Parse tag meta‑data (rc?, maintenance line, etc.) + - name: Parse tag + if: steps.check_release.outputs.skip == 'false' + id: tag + uses: actions/github-script@v7 + with: + script: | + const ref = context.ref.replace('refs/tags/', ''); // e.g. v0.31.5-rc1 + const m = ref.match(/^v(\d+\.\d+\.\d+)(-rc\d+)?$/); + if (!m) { + core.setFailed(`❌ tag '${ref}' must match 'vX.Y.Z' or 'vX.Y.Z-rcN'`); + return; + } + const version = m[1] + (m[2] ?? ''); // 0.31.5‑rc1 + const isRc = Boolean(m[2]); + const [maj, min] = m[1].split('.'); + core.setOutput('tag', ref); + core.setOutput('version', version); + core.setOutput('is_rc', isRc); + core.setOutput('line', `${maj}.${min}`); // 0.31 + + # Detect base branch (main or release‑X.Y) the tag was pushed from - name: Get base branch if: steps.check_release.outputs.skip == 'false' id: get_base uses: actions/github-script@v7 with: script: | - /* - For a push event with a tag, GitHub sets context.payload.base_ref - if the tag was pushed from a branch. - If it's empty, we can't determine the correct base branch and must fail. - */ const baseRef = context.payload.base_ref; if (!baseRef) { - core.setFailed(`❌ base_ref is empty. Make sure you push the tag from a branch (e.g. 'git push origin HEAD:refs/tags/vX.Y.Z').`); + core.setFailed(`❌ base_ref is empty. Push the tag via 'git push origin HEAD:refs/tags/'.`); return; } - - const shortBranch = baseRef.replace("refs/heads/", ""); - const releasePattern = /^release-\d+\.\d+$/; - if (shortBranch !== "main" && !releasePattern.test(shortBranch)) { - core.setFailed(`❌ Tagged commit must belong to branch 'main' or 'release-X.Y'. Got '${shortBranch}'`); + const branch = baseRef.replace('refs/heads/', ''); + const ok = branch === 'main' || /^release-\d+\.\d+$/.test(branch); + if (!ok) { + core.setFailed(`❌ Tagged commit must belong to 'main' or 'release-X.Y'. Got '${branch}'`); return; } + core.setOutput('branch', branch); - core.setOutput('branch', shortBranch); - - # 3) Checkout full git history and tags + # Checkout & login once - name: Checkout code if: steps.check_release.outputs.skip == 'false' uses: actions/checkout@v4 with: fetch-depth: 0 - fetch-tags: true + fetch-tags: true - # 4) Login to GitHub Container Registry - - name: Login to GitHub Container Registry + - name: Login to GHCR if: steps.check_release.outputs.skip == 'false' uses: docker/login-action@v3 with: @@ -83,113 +92,160 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} registry: ghcr.io - # 5) Build project artifacts + # Build project artifacts - name: Build if: steps.check_release.outputs.skip == 'false' run: make build - # 6) Optionally commit built artifacts to the repository + # Commit built artifacts - name: Commit release artifacts if: steps.check_release.outputs.skip == 'false' - env: - GIT_AUTHOR_NAME: ${{ github.actor }} - GIT_AUTHOR_EMAIL: ${{ github.actor }}@users.noreply.github.com run: | - git config user.name "github-actions" + git config user.name "github-actions" git config user.email "github-actions@github.com" git add . git commit -m "Prepare release ${GITHUB_REF#refs/tags/}" -s || echo "No changes to commit" + git push origin HEAD || true - # 7) Create a release branch like release-X.Y.Z + # Get `latest_version` from latest published release + - name: Get latest published release + if: steps.check_release.outputs.skip == 'false' + id: latest_release + uses: actions/github-script@v7 + with: + script: | + try { + const rel = await github.rest.repos.getLatestRelease({ + owner: context.repo.owner, + repo: context.repo.repo + }); + core.setOutput('tag', rel.data.tag_name); + } catch (_) { + core.setOutput('tag', ''); + } + + # Compare tag (A) with latest (B) + - name: Semver compare + if: steps.check_release.outputs.skip == 'false' + id: semver + uses: madhead/semver-utils@v4.3.0 + with: + version: ${{ steps.tag.outputs.tag }} # A + compare-to: ${{ steps.latest_release.outputs.tag }} # B + + # Create or reuse DRAFT GitHub Release + - name: Create / reuse draft release + if: steps.check_release.outputs.skip == 'false' + id: release + uses: actions/github-script@v7 + with: + script: | + const tag = '${{ steps.tag.outputs.tag }}'; + const isRc = ${{ steps.tag.outputs.is_rc }}; + const outdated = '${{ steps.semver.outputs.comparison-result }}' === '<'; + const makeLatest = outdated ? false : 'legacy'; + const releases = await github.rest.repos.listReleases({ + owner: context.repo.owner, + repo: context.repo.repo + }); + let rel = releases.data.find(r => r.tag_name === tag); + if (!rel) { + rel = await github.rest.repos.createRelease({ + owner: context.repo.owner, + repo: context.repo.repo, + tag_name: tag, + name: tag, + draft: true, + prerelease: isRc, + make_latest: makeLatest + }); + console.log(`Draft release created for ${tag}`); + } else { + console.log(`Re‑using existing release ${tag}`); + } + core.setOutput('upload_url', rel.upload_url); + + # Build + upload assets (optional) + - name: Build & upload assets + if: steps.check_release.outputs.skip == 'false' + run: | + make assets + make upload_assets VERSION=${{ steps.tag.outputs.version }} + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # Ensure long‑lived maintenance branch release‑X.Y + - name: Ensure maintenance branch release‑${{ steps.tag.outputs.line }} + if: | + steps.check_release.outputs.skip == 'false' && + steps.get_base.outputs.branch == 'main' + uses: actions/github-script@v7 + with: + script: | + const branch = `release-${'${{ steps.tag.outputs.line }}'}`; + try { + await github.rest.repos.getBranch({ + owner: context.repo.owner, + repo: context.repo.repo, + branch + }); + console.log(`Branch '${branch}' already exists`); + } catch (_) { + await github.git.createRef({ + owner: context.repo.owner, + repo: context.repo.repo, + ref: `refs/heads/${branch}`, + sha: context.sha + }); + console.log(`Branch '${branch}' created at ${context.sha}`); + } + + # Create release‑X.Y.Z branch and push (force‑update) - name: Create release branch if: steps.check_release.outputs.skip == 'false' run: | - BRANCH_NAME="release-${GITHUB_REF#refs/tags/v}" - git branch -f "$BRANCH_NAME" - git push origin "$BRANCH_NAME" --force + BRANCH="release-${GITHUB_REF#refs/tags/v}" + git branch -f "$BRANCH" + git push -f origin "$BRANCH" - # 8) Create a pull request from release-X.Y.Z to the original base branch + # Create pull request into original base branch (if absent) - name: Create pull request if not exists if: steps.check_release.outputs.skip == 'false' uses: actions/github-script@v7 with: script: | const version = context.ref.replace('refs/tags/v', ''); - const base = '${{ steps.get_base.outputs.branch }}'; - const head = `release-${version}`; + const base = '${{ steps.get_base.outputs.branch }}'; + const head = `release-${version}`; const prs = await github.rest.pulls.list({ owner: context.repo.owner, - repo: context.repo.repo, - head: `${context.repo.owner}:${head}`, + repo: context.repo.repo, + head: `${context.repo.owner}:${head}`, base }); - if (prs.data.length === 0) { - const newPr = await github.rest.pulls.create({ + const pr = await github.rest.pulls.create({ owner: context.repo.owner, - repo: context.repo.repo, + repo: context.repo.repo, head, base, title: `Release v${version}`, - body: - `This PR prepares the release \`v${version}\`.\n` + - `(Please merge it before releasing draft)`, + body: `This PR prepares the release \`v${version}\`.`, draft: false }); - - console.log(`Created pull request #${newPr.data.number} from ${head} to ${base}`); await github.rest.issues.addLabels({ owner: context.repo.owner, - repo: context.repo.repo, - issue_number: newPr.data.number, + repo: context.repo.repo, + issue_number: pr.data.number, labels: ['release'] }); + console.log(`Created PR #${pr.data.number}`); } else { - console.log(`Pull request already exists from ${head} to ${base}`); + console.log(`PR already exists from ${head} to ${base}`); } - # 9) Create or reuse an existing draft GitHub release for this tag - - name: Create or reuse draft release - if: steps.check_release.outputs.skip == 'false' - id: create_release - uses: actions/github-script@v7 - with: - script: | - const tag = context.ref.replace('refs/tags/', ''); - const releases = await github.rest.repos.listReleases({ - owner: context.repo.owner, - repo: context.repo.repo - }); - - let release = releases.data.find(r => r.tag_name === tag); - if (!release) { - release = await github.rest.repos.createRelease({ - owner: context.repo.owner, - repo: context.repo.repo, - tag_name: tag, - name: `${tag}`, - draft: true, - prerelease: false - }); - } - core.setOutput('upload_url', release.upload_url); - - # 10) Build additional assets for the release (if needed) - - name: Build assets - if: steps.check_release.outputs.skip == 'false' - run: make assets - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - # 11) Upload assets to the draft release - - name: Upload assets - if: steps.check_release.outputs.skip == 'false' - run: make upload_assets VERSION=${GITHUB_REF#refs/tags/} - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - # 12) Run tests - - name: Run tests + # Run tests + - name: Test if: steps.check_release.outputs.skip == 'false' run: make test From 405863cb1187b3c88e166a800a750f8a06d90e4e Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 18:51:56 +0200 Subject: [PATCH 32/38] Drop legacy label condition also for FluxCD. Signed-off-by: Andrei Kvapil --- dashboards/flux/flux-control-plane.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dashboards/flux/flux-control-plane.json b/dashboards/flux/flux-control-plane.json index 391538c7..bebbbdd3 100644 --- a/dashboards/flux/flux-control-plane.json +++ b/dashboards/flux/flux-control-plane.json @@ -626,7 +626,7 @@ "datasource": { "uid": "${DS_PROMETHEUS}" }, - "expr": "sum(container_memory_working_set_bytes{namespace=\"$namespace\",container!=\"POD\",container!=\"\",pod=~\".*-controller-.*\"}) by (pod)", + "expr": "sum(container_memory_working_set_bytes{namespace=\"$namespace\",container!=\"\",pod=~\".*-controller-.*\"}) by (pod)", "hide": false, "interval": "", "legendFormat": "{{pod}}", From f1624353efe8f34a1fc1498332a545e34896e0bc Mon Sep 17 00:00:00 2001 From: Timofei Larkin Date: Thu, 17 Apr 2025 14:28:11 +0300 Subject: [PATCH 33/38] Hash tenant config and store in configmap Every tenant now creates a configmap in its __tenant__ namespace with a sha256 of its values. Tenants (and eventually all other apps), watch the configmap in their __release__ namespace, by referencing it in the valuesFrom part of the HelmRelease. `tenant-root` is an exception, since it is the only tenant where the release namespace is the same as the tenant namespace. It references a different configmap in its valesFrom, created and reconciled by the cozystack installer script. Part of #802. Signed-off-by: Timofei Larkin --- .../apps/tenant/templates/configuration-hash.yaml | 7 +++++++ packages/core/platform/templates/apps.yaml | 6 ++++++ .../platform/templates/configuration-hash.yaml | 14 ++++++++++++++ pkg/apis/apps/v1alpha1/types.go | 6 ++++++ pkg/registry/apps/application/rest.go | 12 ++++++++++++ 5 files changed, 45 insertions(+) create mode 100644 packages/apps/tenant/templates/configuration-hash.yaml create mode 100644 packages/core/platform/templates/configuration-hash.yaml diff --git a/packages/apps/tenant/templates/configuration-hash.yaml b/packages/apps/tenant/templates/configuration-hash.yaml new file mode 100644 index 00000000..d918e3e6 --- /dev/null +++ b/packages/apps/tenant/templates/configuration-hash.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cozy-tenant-configuration-hash + namespace: {{ include "tenant.name" . }} +data: + cozyTenantConfigurationHash: {{ sha256sum (toJson .Values) | quote }} diff --git a/packages/core/platform/templates/apps.yaml b/packages/core/platform/templates/apps.yaml index f1872870..bdc3322f 100644 --- a/packages/core/platform/templates/apps.yaml +++ b/packages/core/platform/templates/apps.yaml @@ -54,6 +54,12 @@ spec: namespace: cozy-public values: host: "{{ $host }}" + valuesFrom: + - kind: ConfigMap + name: "cozy-system-configuration-hash" + valuesKey: "cozyTenantConfigurationHash" + targetPath: "cozyTenantConfigurationHash" + optional: true dependsOn: {{- range $x := $bundle.releases }} {{- if has $x.name (list "cilium" "kubeovn") }} diff --git a/packages/core/platform/templates/configuration-hash.yaml b/packages/core/platform/templates/configuration-hash.yaml new file mode 100644 index 00000000..8865a36c --- /dev/null +++ b/packages/core/platform/templates/configuration-hash.yaml @@ -0,0 +1,14 @@ +{{- $rootTenantConfiguration := dict "values" .Values }} +{{- $cozyConfig := index (lookup "v1" "ConfigMap" "cozy-system" "cozystack" ) "data" }} +{{- $cozyScheduling := index (lookup "v1" "ConfigMap" "cozy-system" "cozystack-scheduling") "data" }} +{{- $cozyBranding := index (lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" ) "data" }} +{{- $_ := set $rootTenantConfiguration "config" $cozyConfig }} +{{- $_ := set $rootTenantConfiguration "scheduling" $cozyScheduling }} +{{- $_ := set $rootTenantConfiguration "branding" $cozyBranding }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: cozy-system-configuration-hash + namespace: tenant-root +data: + cozyTenantConfigurationHash: {{ sha256sum (toJson $rootTenantConfiguration) | quote }} diff --git a/pkg/apis/apps/v1alpha1/types.go b/pkg/apis/apps/v1alpha1/types.go index 5a21d270..29d3d41e 100644 --- a/pkg/apis/apps/v1alpha1/types.go +++ b/pkg/apis/apps/v1alpha1/types.go @@ -21,6 +21,12 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +const ( + CozySystemConfigurationHashConfigMapName = "cozy-system-configuration-hash" + CozyTenantConfigurationHashConfigMapName = "cozy-tenant-configuration-hash" + CozyTenantConfigurationHashKey = "cozyTenantConfigurationHash" +) + // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // ApplicationList is a list of Application objects. diff --git a/pkg/registry/apps/application/rest.go b/pkg/registry/apps/application/rest.go index 9a3eb32d..8688c94d 100644 --- a/pkg/registry/apps/application/rest.go +++ b/pkg/registry/apps/application/rest.go @@ -988,6 +988,18 @@ func (r *REST) convertApplicationToHelmRelease(app *appsv1alpha1.Application) (* }, } + valuesFromConfigMap := appsv1alpha1.CozyTenantConfigurationHashConfigMapName + if helmRelease.Name == "tenant-root" && helmRelease.Namespace == "tenant-root" { + valuesFromConfigMap = appsv1alpha1.CozySystemConfigurationHashConfigMapName + } + helmRelease.Spec.ValuesFrom = []helmv2.ValuesReference{{ + Kind: "ConfigMap", + Name: valuesFromConfigMap, + ValuesKey: appsv1alpha1.CozyTenantConfigurationHashKey, + TargetPath: appsv1alpha1.CozyTenantConfigurationHashKey, + Optional: true, + }} + return helmRelease, nil } From 6a0fc644757524968f097dc97d8fa24d5c5dccdd Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 19:12:44 +0200 Subject: [PATCH 34/38] Update LINSTOR to v1.31.0 Signed-off-by: Andrei Kvapil --- .../charts/piraeus/Chart.yaml | 4 +-- .../charts/piraeus/templates/config.yaml | 27 +++++++++---------- 2 files changed, 15 insertions(+), 16 deletions(-) diff --git a/packages/system/piraeus-operator/charts/piraeus/Chart.yaml b/packages/system/piraeus-operator/charts/piraeus/Chart.yaml index 0a2b853d..598dff4c 100644 --- a/packages/system/piraeus-operator/charts/piraeus/Chart.yaml +++ b/packages/system/piraeus-operator/charts/piraeus/Chart.yaml @@ -3,8 +3,8 @@ name: piraeus description: | The Piraeus Operator manages software defined storage clusters using LINSTOR in Kubernetes. type: application -version: 2.7.1 -appVersion: "v2.7.1" +version: 2.8.1 +appVersion: "v2.8.1" maintainers: - name: Piraeus Datastore url: https://piraeus.io diff --git a/packages/system/piraeus-operator/charts/piraeus/templates/config.yaml b/packages/system/piraeus-operator/charts/piraeus/templates/config.yaml index ca17da64..f912c1f3 100644 --- a/packages/system/piraeus-operator/charts/piraeus/templates/config.yaml +++ b/packages/system/piraeus-operator/charts/piraeus/templates/config.yaml @@ -17,20 +17,19 @@ data: # quay.io/piraeusdatastore/piraeus-server:v1.24.2 components: linstor-controller: - tag: v1.29.2 + tag: v1.31.0 image: piraeus-server linstor-satellite: - # Pin with digest to ensure we pull the version with downgraded thin-send-recv - tag: v1.29.2 + tag: v1.31.0 image: piraeus-server linstor-csi: - tag: v1.6.4 + tag: v1.7.1 image: piraeus-csi drbd-reactor: - tag: v1.6.0 + tag: v1.8.0 image: drbd-reactor ha-controller: - tag: v1.2.3 + tag: v1.3.0 image: piraeus-ha-controller drbd-shutdown-guard: tag: v1.0.0 @@ -39,7 +38,7 @@ data: tag: v0.11 image: ktls-utils drbd-module-loader: - tag: v9.2.12 + tag: v9.2.13 # The special "match" attribute is used to select an image based on the node's reported OS. # The operator will first check the k8s node's ".status.nodeInfo.osImage" field, and compare it against the list # here. If one matches, that specific image name will be used instead of the fallback image. @@ -90,25 +89,25 @@ data: base: registry.k8s.io/sig-storage components: csi-attacher: - tag: v4.7.0 + tag: v4.8.1 image: csi-attacher csi-livenessprobe: - tag: v2.14.0 + tag: v2.15.0 image: livenessprobe csi-provisioner: - tag: v5.1.0 + tag: v5.2.0 image: csi-provisioner csi-snapshotter: - tag: v8.1.0 + tag: v8.2.1 image: csi-snapshotter csi-resizer: - tag: v1.12.0 + tag: v1.13.2 image: csi-resizer csi-external-health-monitor-controller: - tag: v0.13.0 + tag: v0.14.0 image: csi-external-health-monitor-controller csi-node-driver-registrar: - tag: v2.12.0 + tag: v2.13.0 image: csi-node-driver-registrar {{- range $idx, $value := .Values.imageConfigOverride }} {{ add $idx 1 }}_helm_override.yaml: | From 703073a1642b2ef2c81245e4d3412d71c933a971 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Tue, 22 Apr 2025 19:30:30 +0200 Subject: [PATCH 35/38] Update Cilium to v1.17.3 Signed-off-by: Andrei Kvapil --- .../system/cilium/charts/cilium/Chart.yaml | 4 +-- .../system/cilium/charts/cilium/README.md | 16 +++++----- .../system/cilium/charts/cilium/values.yaml | 32 +++++++++---------- .../system/cilium/images/cilium/Dockerfile | 2 +- 4 files changed, 27 insertions(+), 27 deletions(-) diff --git a/packages/system/cilium/charts/cilium/Chart.yaml b/packages/system/cilium/charts/cilium/Chart.yaml index b301aa4d..58a3f883 100644 --- a/packages/system/cilium/charts/cilium/Chart.yaml +++ b/packages/system/cilium/charts/cilium/Chart.yaml @@ -79,7 +79,7 @@ annotations: Pod IP Pool\n description: |\n CiliumPodIPPool defines an IP pool that can be used for pooled IPAM (i.e. the multi-pool IPAM mode).\n" apiVersion: v2 -appVersion: 1.17.2 +appVersion: 1.17.3 description: eBPF-based Networking, Security, and Observability home: https://cilium.io/ icon: https://cdn.jsdelivr.net/gh/cilium/cilium@main/Documentation/images/logo-solo.svg @@ -95,4 +95,4 @@ kubeVersion: '>= 1.21.0-0' name: cilium sources: - https://github.com/cilium/cilium -version: 1.17.2 +version: 1.17.3 diff --git a/packages/system/cilium/charts/cilium/README.md b/packages/system/cilium/charts/cilium/README.md index cab29347..56641be8 100644 --- a/packages/system/cilium/charts/cilium/README.md +++ b/packages/system/cilium/charts/cilium/README.md @@ -1,6 +1,6 @@ # cilium -![Version: 1.17.2](https://img.shields.io/badge/Version-1.17.2-informational?style=flat-square) ![AppVersion: 1.17.2](https://img.shields.io/badge/AppVersion-1.17.2-informational?style=flat-square) +![Version: 1.17.3](https://img.shields.io/badge/Version-1.17.3-informational?style=flat-square) ![AppVersion: 1.17.3](https://img.shields.io/badge/AppVersion-1.17.3-informational?style=flat-square) Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application workloads such as @@ -85,7 +85,7 @@ contributors across the globe, there is almost always someone available to help. | authentication.mutual.spire.install.agent.tolerations | list | `[{"effect":"NoSchedule","key":"node.kubernetes.io/not-ready"},{"effect":"NoSchedule","key":"node-role.kubernetes.io/master"},{"effect":"NoSchedule","key":"node-role.kubernetes.io/control-plane"},{"effect":"NoSchedule","key":"node.cloudprovider.kubernetes.io/uninitialized","value":"true"},{"key":"CriticalAddonsOnly","operator":"Exists"}]` | SPIRE agent tolerations configuration By default it follows the same tolerations as the agent itself to allow the Cilium agent on this node to connect to SPIRE. ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ | | authentication.mutual.spire.install.enabled | bool | `true` | Enable SPIRE installation. This will only take effect only if authentication.mutual.spire.enabled is true | | authentication.mutual.spire.install.existingNamespace | bool | `false` | SPIRE namespace already exists. Set to true if Helm should not create, manage, and import the SPIRE namespace. | -| authentication.mutual.spire.install.initImage | object | `{"digest":"sha256:498a000f370d8c37927118ed80afe8adc38d1edcbfc071627d17b25c88efcab0","override":null,"pullPolicy":"IfNotPresent","repository":"docker.io/library/busybox","tag":"1.37.0","useDigest":true}` | init container image of SPIRE agent and server | +| authentication.mutual.spire.install.initImage | object | `{"digest":"sha256:37f7b378a29ceb4c551b1b5582e27747b855bbfaa73fa11914fe0df028dc581f","override":null,"pullPolicy":"IfNotPresent","repository":"docker.io/library/busybox","tag":"1.37.0","useDigest":true}` | init container image of SPIRE agent and server | | authentication.mutual.spire.install.namespace | string | `"cilium-spire"` | SPIRE namespace to install into | | authentication.mutual.spire.install.server.affinity | object | `{}` | SPIRE server affinity configuration | | authentication.mutual.spire.install.server.annotations | object | `{}` | SPIRE server annotations | @@ -197,7 +197,7 @@ contributors across the globe, there is almost always someone available to help. | clustermesh.apiserver.extraVolumeMounts | list | `[]` | Additional clustermesh-apiserver volumeMounts. | | clustermesh.apiserver.extraVolumes | list | `[]` | Additional clustermesh-apiserver volumes. | | clustermesh.apiserver.healthPort | int | `9880` | TCP port for the clustermesh-apiserver health API. | -| clustermesh.apiserver.image | object | `{"digest":"sha256:981250ebdc6e66e190992eaf75cfca169113a8f08d5c3793fe15822176980398","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/clustermesh-apiserver","tag":"v1.17.2","useDigest":true}` | Clustermesh API server image. | +| clustermesh.apiserver.image | object | `{"digest":"sha256:98d5feaf67dd9b5d8d219ff5990de10539566eedc5412bcf52df75920896ad42","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/clustermesh-apiserver","tag":"v1.17.3","useDigest":true}` | Clustermesh API server image. | | clustermesh.apiserver.kvstoremesh.enabled | bool | `true` | Enable KVStoreMesh. KVStoreMesh caches the information retrieved from the remote clusters in the local etcd instance. | | clustermesh.apiserver.kvstoremesh.extraArgs | list | `[]` | Additional KVStoreMesh arguments. | | clustermesh.apiserver.kvstoremesh.extraEnv | list | `[]` | Additional KVStoreMesh environment variables. | @@ -377,7 +377,7 @@ contributors across the globe, there is almost always someone available to help. | envoy.healthPort | int | `9878` | TCP port for the health API. | | envoy.httpRetryCount | int | `3` | Maximum number of retries for each HTTP request | | envoy.idleTimeoutDurationSeconds | int | `60` | Set Envoy upstream HTTP idle connection timeout seconds. Does not apply to connections with pending requests. Default 60s | -| envoy.image | object | `{"digest":"sha256:377c78c13d2731f3720f931721ee309159e782d882251709cb0fac3b42c03f4b","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium-envoy","tag":"v1.31.5-1741765102-efed3defcc70ab5b263a0fc44c93d316b846a211","useDigest":true}` | Envoy container image. | +| envoy.image | object | `{"digest":"sha256:a01cadf7974409b5c5c92ace3d6afa298408468ca24cab1cb413c04f89d3d1f9","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium-envoy","tag":"v1.32.5-1744305768-f9ddca7dcd91f7ca25a505560e655c47d3dec2cf","useDigest":true}` | Envoy container image. | | envoy.initialFetchTimeoutSeconds | int | `30` | Time in seconds after which the initial fetch on an xDS stream is considered timed out | | envoy.livenessProbe.failureThreshold | int | `10` | failure threshold of liveness probe | | envoy.livenessProbe.periodSeconds | int | `30` | interval between checks of the liveness probe | @@ -518,7 +518,7 @@ contributors across the globe, there is almost always someone available to help. | hubble.relay.extraVolumes | list | `[]` | Additional hubble-relay volumes. | | hubble.relay.gops.enabled | bool | `true` | Enable gops for hubble-relay | | hubble.relay.gops.port | int | `9893` | Configure gops listen port for hubble-relay | -| hubble.relay.image | object | `{"digest":"sha256:42a8db5c256c516cacb5b8937c321b2373ad7a6b0a1e5a5120d5028433d586cc","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-relay","tag":"v1.17.2","useDigest":true}` | Hubble-relay container image. | +| hubble.relay.image | object | `{"digest":"sha256:f8674b5139111ac828a8818da7f2d344b4a5bfbaeb122c5dc9abed3e74000c55","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/hubble-relay","tag":"v1.17.3","useDigest":true}` | Hubble-relay container image. | | hubble.relay.listenHost | string | `""` | Host to listen to. Specify an empty string to bind to all the interfaces. | | hubble.relay.listenPort | string | `"4245"` | Port to listen to. | | hubble.relay.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | @@ -625,7 +625,7 @@ contributors across the globe, there is almost always someone available to help. | hubble.ui.updateStrategy | object | `{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"}` | hubble-ui update strategy. | | identityAllocationMode | string | `"crd"` | Method to use for identity allocation (`crd`, `kvstore` or `doublewrite-readkvstore` / `doublewrite-readcrd` for migrating between identity backends). | | identityChangeGracePeriod | string | `"5s"` | Time to wait before using new identity on endpoint identity change. | -| image | object | `{"digest":"sha256:3c4c9932b5d8368619cb922a497ff2ebc8def5f41c18e410bcc84025fcd385b1","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.17.2","useDigest":true}` | Agent container image. | +| image | object | `{"digest":"sha256:1782794aeac951af139315c10eff34050aa7579c12827ee9ec376bb719b82873","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.17.3","useDigest":true}` | Agent container image. | | imagePullSecrets | list | `[]` | Configure image pull secrets for pulling container images | | ingressController.default | bool | `false` | Set cilium ingress controller to be the default ingress controller This will let cilium ingress controller route entries without ingress class set | | ingressController.defaultSecretName | string | `nil` | Default secret name for ingresses without .spec.tls[].secretName set. | @@ -762,7 +762,7 @@ contributors across the globe, there is almost always someone available to help. | operator.hostNetwork | bool | `true` | HostNetwork setting | | operator.identityGCInterval | string | `"15m0s"` | Interval for identity garbage collection. | | operator.identityHeartbeatTimeout | string | `"30m0s"` | Timeout for identity heartbeats. | -| operator.image | object | `{"alibabacloudDigest":"sha256:7cb8c23417f65348bb810fe92fb05b41d926f019d77442f3fa1058d17fea7ffe","awsDigest":"sha256:955096183e22a203bbb198ca66e3266ce4dbc2b63f1a2fbd03f9373dcd97893c","azureDigest":"sha256:455fb88b558b1b8ba09d63302ccce76b4930581be89def027184ab04335c20e0","genericDigest":"sha256:81f2d7198366e8dec2903a3a8361e4c68d47d19c68a0d42f0b7b6e3f0523f249","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/operator","suffix":"","tag":"v1.17.2","useDigest":true}` | cilium-operator image. | +| operator.image | object | `{"alibabacloudDigest":"sha256:e9a9ab227c6e833985bde6537b4d1540b0907f21a84319de4b7d62c5302eed5c","awsDigest":"sha256:40f235111fb2bca209ee65b12f81742596e881a0a3ee4d159776d78e3091ba7f","azureDigest":"sha256:6a3294ec8a2107048254179c3ac5121866f90d20fccf12f1d70960e61f304713","genericDigest":"sha256:8bd38d0e97a955b2d725929d60df09d712fb62b60b930551a29abac2dd92e597","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/operator","suffix":"","tag":"v1.17.3","useDigest":true}` | cilium-operator image. | | operator.nodeGCInterval | string | `"5m0s"` | Interval for cilium node garbage collection. | | operator.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for cilium-operator pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | operator.podAnnotations | object | `{}` | Annotations to be added to cilium-operator pods | @@ -812,7 +812,7 @@ contributors across the globe, there is almost always someone available to help. | preflight.extraEnv | list | `[]` | Additional preflight environment variables. | | preflight.extraVolumeMounts | list | `[]` | Additional preflight volumeMounts. | | preflight.extraVolumes | list | `[]` | Additional preflight volumes. | -| preflight.image | object | `{"digest":"sha256:3c4c9932b5d8368619cb922a497ff2ebc8def5f41c18e410bcc84025fcd385b1","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.17.2","useDigest":true}` | Cilium pre-flight image. | +| preflight.image | object | `{"digest":"sha256:1782794aeac951af139315c10eff34050aa7579c12827ee9ec376bb719b82873","override":null,"pullPolicy":"IfNotPresent","repository":"quay.io/cilium/cilium","tag":"v1.17.3","useDigest":true}` | Cilium pre-flight image. | | preflight.nodeSelector | object | `{"kubernetes.io/os":"linux"}` | Node labels for preflight pod assignment ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodeselector | | preflight.podAnnotations | object | `{}` | Annotations to be added to preflight pods | | preflight.podDisruptionBudget.enabled | bool | `false` | enable PodDisruptionBudget ref: https://kubernetes.io/docs/concepts/workloads/pods/disruptions/ | diff --git a/packages/system/cilium/charts/cilium/values.yaml b/packages/system/cilium/charts/cilium/values.yaml index 8a84dfe8..dc695e76 100644 --- a/packages/system/cilium/charts/cilium/values.yaml +++ b/packages/system/cilium/charts/cilium/values.yaml @@ -191,10 +191,10 @@ image: # @schema override: ~ repository: "quay.io/cilium/cilium" - tag: "v1.17.2" + tag: "v1.17.3" pullPolicy: "IfNotPresent" # cilium-digest - digest: "sha256:3c4c9932b5d8368619cb922a497ff2ebc8def5f41c18e410bcc84025fcd385b1" + digest: "sha256:1782794aeac951af139315c10eff34050aa7579c12827ee9ec376bb719b82873" useDigest: true # -- Scheduling configurations for cilium pods scheduling: @@ -1440,9 +1440,9 @@ hubble: # @schema override: ~ repository: "quay.io/cilium/hubble-relay" - tag: "v1.17.2" + tag: "v1.17.3" # hubble-relay-digest - digest: "sha256:42a8db5c256c516cacb5b8937c321b2373ad7a6b0a1e5a5120d5028433d586cc" + digest: "sha256:f8674b5139111ac828a8818da7f2d344b4a5bfbaeb122c5dc9abed3e74000c55" useDigest: true pullPolicy: "IfNotPresent" # -- Specifies the resources for the hubble-relay pods @@ -2351,9 +2351,9 @@ envoy: # @schema override: ~ repository: "quay.io/cilium/cilium-envoy" - tag: "v1.31.5-1741765102-efed3defcc70ab5b263a0fc44c93d316b846a211" + tag: "v1.32.5-1744305768-f9ddca7dcd91f7ca25a505560e655c47d3dec2cf" pullPolicy: "IfNotPresent" - digest: "sha256:377c78c13d2731f3720f931721ee309159e782d882251709cb0fac3b42c03f4b" + digest: "sha256:a01cadf7974409b5c5c92ace3d6afa298408468ca24cab1cb413c04f89d3d1f9" useDigest: true # -- Additional containers added to the cilium Envoy DaemonSet. extraContainers: [] @@ -2708,15 +2708,15 @@ operator: # @schema override: ~ repository: "quay.io/cilium/operator" - tag: "v1.17.2" + tag: "v1.17.3" # operator-generic-digest - genericDigest: "sha256:81f2d7198366e8dec2903a3a8361e4c68d47d19c68a0d42f0b7b6e3f0523f249" + genericDigest: "sha256:8bd38d0e97a955b2d725929d60df09d712fb62b60b930551a29abac2dd92e597" # operator-azure-digest - azureDigest: "sha256:455fb88b558b1b8ba09d63302ccce76b4930581be89def027184ab04335c20e0" + azureDigest: "sha256:6a3294ec8a2107048254179c3ac5121866f90d20fccf12f1d70960e61f304713" # operator-aws-digest - awsDigest: "sha256:955096183e22a203bbb198ca66e3266ce4dbc2b63f1a2fbd03f9373dcd97893c" + awsDigest: "sha256:40f235111fb2bca209ee65b12f81742596e881a0a3ee4d159776d78e3091ba7f" # operator-alibabacloud-digest - alibabacloudDigest: "sha256:7cb8c23417f65348bb810fe92fb05b41d926f019d77442f3fa1058d17fea7ffe" + alibabacloudDigest: "sha256:e9a9ab227c6e833985bde6537b4d1540b0907f21a84319de4b7d62c5302eed5c" useDigest: true pullPolicy: "IfNotPresent" suffix: "" @@ -2991,9 +2991,9 @@ preflight: # @schema override: ~ repository: "quay.io/cilium/cilium" - tag: "v1.17.2" + tag: "v1.17.3" # cilium-digest - digest: "sha256:3c4c9932b5d8368619cb922a497ff2ebc8def5f41c18e410bcc84025fcd385b1" + digest: "sha256:1782794aeac951af139315c10eff34050aa7579c12827ee9ec376bb719b82873" useDigest: true pullPolicy: "IfNotPresent" # -- The priority class to use for the preflight pod. @@ -3140,9 +3140,9 @@ clustermesh: # @schema override: ~ repository: "quay.io/cilium/clustermesh-apiserver" - tag: "v1.17.2" + tag: "v1.17.3" # clustermesh-apiserver-digest - digest: "sha256:981250ebdc6e66e190992eaf75cfca169113a8f08d5c3793fe15822176980398" + digest: "sha256:98d5feaf67dd9b5d8d219ff5990de10539566eedc5412bcf52df75920896ad42" useDigest: true pullPolicy: "IfNotPresent" # -- TCP port for the clustermesh-apiserver health API. @@ -3649,7 +3649,7 @@ authentication: override: ~ repository: "docker.io/library/busybox" tag: "1.37.0" - digest: "sha256:498a000f370d8c37927118ed80afe8adc38d1edcbfc071627d17b25c88efcab0" + digest: "sha256:37f7b378a29ceb4c551b1b5582e27747b855bbfaa73fa11914fe0df028dc581f" useDigest: true pullPolicy: "IfNotPresent" # SPIRE agent configuration diff --git a/packages/system/cilium/images/cilium/Dockerfile b/packages/system/cilium/images/cilium/Dockerfile index 7d855c32..d85c32e3 100644 --- a/packages/system/cilium/images/cilium/Dockerfile +++ b/packages/system/cilium/images/cilium/Dockerfile @@ -1,2 +1,2 @@ -ARG VERSION=v1.17.2 +ARG VERSION=v1.17.3 FROM quay.io/cilium/cilium:${VERSION} From e8cc44450ab810372cb2ac806c1da6795ea57c83 Mon Sep 17 00:00:00 2001 From: kklinch0 Date: Tue, 22 Apr 2025 22:48:09 +0300 Subject: [PATCH 36/38] [platform]: add vpa for cozy etcd operator Signed-off-by: kklinch0 --- .../charts/etcd-operator/Chart.yaml | 4 +- .../charts/etcd-operator/README.md | 11 +++ .../templates/workload/deployment.yml | 4 ++ .../etcd-operator/templates/workload/vpa.yml | 41 +++++++++++ .../charts/etcd-operator/values.schema.json | 68 +++++++++++++++++++ .../charts/etcd-operator/values.yaml | 21 ++++++ 6 files changed, 147 insertions(+), 2 deletions(-) create mode 100644 packages/system/etcd-operator/charts/etcd-operator/templates/workload/vpa.yml diff --git a/packages/system/etcd-operator/charts/etcd-operator/Chart.yaml b/packages/system/etcd-operator/charts/etcd-operator/Chart.yaml index 4aed3756..9ab731ce 100644 --- a/packages/system/etcd-operator/charts/etcd-operator/Chart.yaml +++ b/packages/system/etcd-operator/charts/etcd-operator/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v2 -appVersion: v0.4.1 +appVersion: v0.4.2 name: etcd-operator type: application -version: 0.4.1 +version: 0.4.2 diff --git a/packages/system/etcd-operator/charts/etcd-operator/README.md b/packages/system/etcd-operator/charts/etcd-operator/README.md index 33838106..144c2ef0 100644 --- a/packages/system/etcd-operator/charts/etcd-operator/README.md +++ b/packages/system/etcd-operator/charts/etcd-operator/README.md @@ -26,6 +26,11 @@ | etcdOperator.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | | etcdOperator.service.port | int | `9443` | Service port | | etcdOperator.service.type | string | `"ClusterIP"` | Service type | +| etcdOperator.vpa.enabled | bool | `true` | | +| etcdOperator.vpa.maxAllowed.cpu | string | `"1000m"` | | +| etcdOperator.vpa.maxAllowed.memory | string | `"1Gi"` | | +| etcdOperator.vpa.minAllowed.cpu | string | `"100m"` | | +| etcdOperator.vpa.minAllowed.memory | string | `"128Mi"` | | | fullnameOverride | string | `""` | Override a full name of helm release | | imagePullSecrets | list | `[]` | | | kubeRbacProxy.args[0] | string | `"--secure-listen-address=0.0.0.0:8443"` | | @@ -41,6 +46,11 @@ | kubeRbacProxy.securityContext | object | `{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]}}` | ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ | | kubeRbacProxy.service.port | int | `8443` | Service port | | kubeRbacProxy.service.type | string | `"ClusterIP"` | Service type | +| kubeRbacProxy.vpa.enabled | bool | `true` | | +| kubeRbacProxy.vpa.maxAllowed.cpu | string | `"500m"` | | +| kubeRbacProxy.vpa.maxAllowed.memory | string | `"256Mi"` | | +| kubeRbacProxy.vpa.minAllowed.cpu | string | `"50m"` | | +| kubeRbacProxy.vpa.minAllowed.memory | string | `"64Mi"` | | | kubernetesClusterDomain | string | `"cluster.local"` | Kubernetes cluster domain prefix | | nameOverride | string | `""` | Override a name of helm release | | nodeSelector | object | `{}` | ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/ | @@ -51,4 +61,5 @@ | serviceAccount.annotations | object | `{}` | Annotations to add to the service account | | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | tolerations | list | `[]` | ref: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/ | +| vpa.updatePolicy | string | `"Auto"` | | diff --git a/packages/system/etcd-operator/charts/etcd-operator/templates/workload/deployment.yml b/packages/system/etcd-operator/charts/etcd-operator/templates/workload/deployment.yml index 17848ada..206860b8 100644 --- a/packages/system/etcd-operator/charts/etcd-operator/templates/workload/deployment.yml +++ b/packages/system/etcd-operator/charts/etcd-operator/templates/workload/deployment.yml @@ -45,10 +45,12 @@ spec: readinessProbe: {{- toYaml . | nindent 12 }} {{- end }} + {{- if not .Values.etcdOperator.vpa.enabled }} {{- with .Values.etcdOperator.resources }} resources: {{- toYaml . | nindent 12 }} {{- end }} + {{- end }} {{- with .Values.etcdOperator.securityContext }} securityContext: {{- toYaml . | nindent 12 }} @@ -87,10 +89,12 @@ spec: readinessProbe: {{- toYaml . | nindent 12 }} {{- end }} + {{- if not .Values.kubeRbacProxy.vpa.enabled }} {{- with .Values.kubeRbacProxy.resources }} resources: {{- toYaml . | nindent 12 }} {{- end }} + {{- end }} {{- with .Values.kubeRbacProxy.securityContext }} securityContext: {{- toYaml . | nindent 12 }} diff --git a/packages/system/etcd-operator/charts/etcd-operator/templates/workload/vpa.yml b/packages/system/etcd-operator/charts/etcd-operator/templates/workload/vpa.yml new file mode 100644 index 00000000..a82b41b8 --- /dev/null +++ b/packages/system/etcd-operator/charts/etcd-operator/templates/workload/vpa.yml @@ -0,0 +1,41 @@ +{{- if or .Values.etcdOperator.vpa.enabled .Values.kubeRbacProxy.vpa.enabled }} +apiVersion: autoscaling.k8s.io/v1 +kind: VerticalPodAutoscaler +metadata: + name: {{ include "etcd-operator.fullname" . }}-controller-manager + labels: + {{- include "etcd-operator.labels" . | nindent 4 }} +spec: + targetRef: + apiVersion: "apps/v1" + kind: Deployment + name: {{ include "etcd-operator.fullname" . }}-controller-manager + updatePolicy: + updateMode: {{ .Values.vpa.updatePolicy | default "Auto" | quote }} + resourcePolicy: + containerPolicies: + {{- if .Values.etcdOperator.vpa.enabled }} + - containerName: etcd-operator + {{- with .Values.etcdOperator.vpa.minAllowed }} + minAllowed: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.etcdOperator.vpa.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 10 }} + {{- end }} + controlledResources: ["cpu", "memory"] + {{- end }} + {{- if .Values.kubeRbacProxy.vpa.enabled }} + - containerName: kube-rbac-proxy + {{- with .Values.kubeRbacProxy.vpa.minAllowed }} + minAllowed: + {{- toYaml . | nindent 10 }} + {{- end }} + {{- with .Values.kubeRbacProxy.vpa.maxAllowed }} + maxAllowed: + {{- toYaml . | nindent 10 }} + {{- end }} + controlledResources: ["cpu", "memory"] + {{- end }} +{{- end }} diff --git a/packages/system/etcd-operator/charts/etcd-operator/values.schema.json b/packages/system/etcd-operator/charts/etcd-operator/values.schema.json index 65836a6b..f6ae1572 100644 --- a/packages/system/etcd-operator/charts/etcd-operator/values.schema.json +++ b/packages/system/etcd-operator/charts/etcd-operator/values.schema.json @@ -131,6 +131,36 @@ } }, "type": "object" + }, + "vpa": { + "properties": { + "enabled": { + "type": "boolean" + }, + "maxAllowed": { + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string" + } + }, + "type": "object" + }, + "minAllowed": { + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" } }, "type": "object" @@ -227,6 +257,36 @@ } }, "type": "object" + }, + "vpa": { + "properties": { + "enabled": { + "type": "boolean" + }, + "maxAllowed": { + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string" + } + }, + "type": "object" + }, + "minAllowed": { + "properties": { + "cpu": { + "type": "string" + }, + "memory": { + "type": "string" + } + }, + "type": "object" + } + }, + "type": "object" } }, "type": "object" @@ -270,6 +330,14 @@ }, "tolerations": { "type": "array" + }, + "vpa": { + "properties": { + "updatePolicy": { + "type": "string" + } + }, + "type": "object" } }, "type": "object" diff --git a/packages/system/etcd-operator/charts/etcd-operator/values.yaml b/packages/system/etcd-operator/charts/etcd-operator/values.yaml index dcef802b..9687a10c 100644 --- a/packages/system/etcd-operator/charts/etcd-operator/values.yaml +++ b/packages/system/etcd-operator/charts/etcd-operator/values.yaml @@ -84,6 +84,15 @@ etcdOperator: drop: - ALL + vpa: + enabled: true + minAllowed: + cpu: 100m + memory: 128Mi + maxAllowed: + cpu: 1000m + memory: 1Gi + kubeRbacProxy: image: @@ -142,6 +151,15 @@ kubeRbacProxy: drop: - ALL + vpa: + enabled: true + minAllowed: + cpu: 50m + memory: 64Mi + maxAllowed: + cpu: 500m + memory: 256Mi + # -- Kubernetes cluster domain prefix kubernetesClusterDomain: cluster.local @@ -182,3 +200,6 @@ tolerations: [] # -- ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#affinity-and-anti-affinity affinity: {} + +vpa: + updatePolicy: "Auto" From 0a998c8b498d131db8e70976976d37b3bb4dd103 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Wed, 23 Apr 2025 12:37:25 +0200 Subject: [PATCH 37/38] Revert "[platform] Hash tenant config and store in configmap" Signed-off-by: Andrei Kvapil --- .../apps/tenant/templates/configuration-hash.yaml | 7 ------- packages/core/platform/templates/apps.yaml | 6 ------ .../platform/templates/configuration-hash.yaml | 14 -------------- pkg/apis/apps/v1alpha1/types.go | 6 ------ pkg/registry/apps/application/rest.go | 12 ------------ 5 files changed, 45 deletions(-) delete mode 100644 packages/apps/tenant/templates/configuration-hash.yaml delete mode 100644 packages/core/platform/templates/configuration-hash.yaml diff --git a/packages/apps/tenant/templates/configuration-hash.yaml b/packages/apps/tenant/templates/configuration-hash.yaml deleted file mode 100644 index d918e3e6..00000000 --- a/packages/apps/tenant/templates/configuration-hash.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: cozy-tenant-configuration-hash - namespace: {{ include "tenant.name" . }} -data: - cozyTenantConfigurationHash: {{ sha256sum (toJson .Values) | quote }} diff --git a/packages/core/platform/templates/apps.yaml b/packages/core/platform/templates/apps.yaml index bdc3322f..f1872870 100644 --- a/packages/core/platform/templates/apps.yaml +++ b/packages/core/platform/templates/apps.yaml @@ -54,12 +54,6 @@ spec: namespace: cozy-public values: host: "{{ $host }}" - valuesFrom: - - kind: ConfigMap - name: "cozy-system-configuration-hash" - valuesKey: "cozyTenantConfigurationHash" - targetPath: "cozyTenantConfigurationHash" - optional: true dependsOn: {{- range $x := $bundle.releases }} {{- if has $x.name (list "cilium" "kubeovn") }} diff --git a/packages/core/platform/templates/configuration-hash.yaml b/packages/core/platform/templates/configuration-hash.yaml deleted file mode 100644 index 8865a36c..00000000 --- a/packages/core/platform/templates/configuration-hash.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{- $rootTenantConfiguration := dict "values" .Values }} -{{- $cozyConfig := index (lookup "v1" "ConfigMap" "cozy-system" "cozystack" ) "data" }} -{{- $cozyScheduling := index (lookup "v1" "ConfigMap" "cozy-system" "cozystack-scheduling") "data" }} -{{- $cozyBranding := index (lookup "v1" "ConfigMap" "cozy-system" "cozystack-branding" ) "data" }} -{{- $_ := set $rootTenantConfiguration "config" $cozyConfig }} -{{- $_ := set $rootTenantConfiguration "scheduling" $cozyScheduling }} -{{- $_ := set $rootTenantConfiguration "branding" $cozyBranding }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: cozy-system-configuration-hash - namespace: tenant-root -data: - cozyTenantConfigurationHash: {{ sha256sum (toJson $rootTenantConfiguration) | quote }} diff --git a/pkg/apis/apps/v1alpha1/types.go b/pkg/apis/apps/v1alpha1/types.go index 29d3d41e..5a21d270 100644 --- a/pkg/apis/apps/v1alpha1/types.go +++ b/pkg/apis/apps/v1alpha1/types.go @@ -21,12 +21,6 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -const ( - CozySystemConfigurationHashConfigMapName = "cozy-system-configuration-hash" - CozyTenantConfigurationHashConfigMapName = "cozy-tenant-configuration-hash" - CozyTenantConfigurationHashKey = "cozyTenantConfigurationHash" -) - // +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object // ApplicationList is a list of Application objects. diff --git a/pkg/registry/apps/application/rest.go b/pkg/registry/apps/application/rest.go index 8688c94d..9a3eb32d 100644 --- a/pkg/registry/apps/application/rest.go +++ b/pkg/registry/apps/application/rest.go @@ -988,18 +988,6 @@ func (r *REST) convertApplicationToHelmRelease(app *appsv1alpha1.Application) (* }, } - valuesFromConfigMap := appsv1alpha1.CozyTenantConfigurationHashConfigMapName - if helmRelease.Name == "tenant-root" && helmRelease.Namespace == "tenant-root" { - valuesFromConfigMap = appsv1alpha1.CozySystemConfigurationHashConfigMapName - } - helmRelease.Spec.ValuesFrom = []helmv2.ValuesReference{{ - Kind: "ConfigMap", - Name: valuesFromConfigMap, - ValuesKey: appsv1alpha1.CozyTenantConfigurationHashKey, - TargetPath: appsv1alpha1.CozyTenantConfigurationHashKey, - Optional: true, - }} - return helmRelease, nil } From 1c53a6f9f6c31a5bf4d2684e9a92e37c8d6b61a0 Mon Sep 17 00:00:00 2001 From: Andrei Kvapil Date: Wed, 23 Apr 2025 13:59:35 +0200 Subject: [PATCH 38/38] [e2e] fix timeouts for capi and keycloak Signed-off-by: Andrei Kvapil --- hack/e2e.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/hack/e2e.sh b/hack/e2e.sh index 33d0db16..9857a042 100755 --- a/hack/e2e.sh +++ b/hack/e2e.sh @@ -234,8 +234,8 @@ sleep 5 kubectl get hr -A | awk 'NR>1 {print "kubectl wait --timeout=15m --for=condition=ready -n " $1 " hr/" $2 " &"} END{print "wait"}' | sh -x # Wait for Cluster-API providers -timeout 30 sh -c 'until kubectl get deploy -n cozy-cluster-api capi-controller-manager capi-kamaji-controller-manager capi-kubeadm-bootstrap-controller-manager capi-operator-cluster-api-operator capk-controller-manager; do sleep 1; done' -kubectl wait deploy --timeout=30s --for=condition=available -n cozy-cluster-api capi-controller-manager capi-kamaji-controller-manager capi-kubeadm-bootstrap-controller-manager capi-operator-cluster-api-operator capk-controller-manager +timeout 60 sh -c 'until kubectl get deploy -n cozy-cluster-api capi-controller-manager capi-kamaji-controller-manager capi-kubeadm-bootstrap-controller-manager capi-operator-cluster-api-operator capk-controller-manager; do sleep 1; done' +kubectl wait deploy --timeout=1m --for=condition=available -n cozy-cluster-api capi-controller-manager capi-kamaji-controller-manager capi-kubeadm-bootstrap-controller-manager capi-operator-cluster-api-operator capk-controller-manager # Wait for linstor controller kubectl wait deploy --timeout=5m --for=condition=available -n cozy-linstor linstor-controller @@ -357,5 +357,5 @@ kubectl patch -n cozy-system cm/cozystack --type=merge -p '{"data":{ "oidc-enabled": "true" }}' -timeout 60 sh -c 'until kubectl get hr -n cozy-keycloak keycloak keycloak-configure keycloak-operator; do sleep 1; done' +timeout 120 sh -c 'until kubectl get hr -n cozy-keycloak keycloak keycloak-configure keycloak-operator; do sleep 1; done' kubectl wait --timeout=10m --for=condition=ready -n cozy-keycloak hr keycloak keycloak-configure keycloak-operator